Essex Clinical Commissioning Groups. Business Continuity Management System. Business Impact Analysis Datasheet

Similar documents
Essex Clinical Commissioning Groups. Business Continuity Management System. Business Impact Analysis Process

Essex Clinical Commissioning Groups. Business Continuity Management System. Scope and Policy

Hazard Identification, Risk Assessment and Management Procedure. Documentation Control

Version: 3.0. Effective From: 19/06/2014

BUSINESS CONTINUITY POLICY

South West Lincolnshire NHS Clinical Commissioning Group Business Continuity Policy

NORTH HAMPSHIRE CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY MANAGEMENT POLICY AND PLAN (COR/017/V1.00)

Birmingham CrossCity Clinical Commissioning Group. Business Continuity Management Policy

Quality and Engagement Sub Committee

DERBYSHIRE COUNTY COUNCIL BUSINESS CONTINUITY POLICY

Business Continuity Management Policy

RISK MANAGEMENT POLICY. Version 3

Desktop Scenario Self Assessment Exercise Page 1

Removal of Gender Restrictions on Australian Defence Force Combat Role Employment Categories

Complaints Policy. Controlled Document Number: Version Number: 6 Controlled Document Sponsor: Controlled Document Lead: Approved By:

Risk Management Strategy

NHS Lancashire North CCG Business Continuity Management Policy and Plan

Risk Management: Coordinated activities to direct and control an organisation with regard to risk.

Solihull Clinical Commissioning Group

BUSINESS CONTINUITY MANAGEMENT POLICY

How to Exercise a Business Continuity Plan (BCP)

BUSINESS CONTINUITY PLAN 1 DRAFTED BY: INTEGRATED GOVERNANCE MANAGER 2 ACCOUNTABLE DIRECTOR: DIRECTOR OF QUALITY AND SAFETY 3 APPLIES TO: ALL STAFF

WHS Risk Assessment and Control Form

Business Continuity Management Policy and Plan

CORP RISK MANAGEMENT POLICY & METHODOLOGY

NHS Hardwick Clinical Commissioning Group. Business Continuity Policy

Application / Hardware - Business Impact Analysis Template. MARC Configuration Requirements. Business Impact Analysis

AGENDA ITEM NO: Meeting Title/Date: Governing Body - 21 July LNCCG Risk Management Strategy and Policy

Information Security Policy. Chapter 11. Business Continuity

Risk Management Policy and Framework

BUSINESS CONTINUITY POLICY

RISK MANAGEMENT STRATEGY

A guide and tool kit for non-government organisations to plan future workforce needs

Essex Fire Authority

NHS Central Manchester Clinical Commissioning Group (CCG) Business Continuity Management (BCM) Policy. Version 1.0

Business Continuity Policy

Glasgow Life Risk Management & Business Continuity Planning. Final Report

Board of Directors 24 October 2014

BUSINESS CONTINUITY MANAGEMENT FRAMEWORK

Business Continuity Management Policy and Plan

1.0 Policy Statement / Intentions (FOIA - Open)

EPRR: BCP - Checklist

Business Continuity Planning

Business Continuity Planning Policy

Bedford Group of Drainage Boards

Core Infrastructure Risk Management Plan

POL ENTERPRISE RISK MANAGEMENT SC51. Executive Services Department BUSINESS UNIT: Executive Support Services SERVICE UNIT:

Pandemic Influenza Plan 2015/2016

Business Continuity Policy

NHS NEWCASTLE GATESHEAD CLINICAL COMMISSIONING GROUP

South Norfolk Council Business Continuity Policy

GUIDANCE ON THE COMPILATION OF BUSINESS CONTINUITY PLANS. Front cover Add your logo, company name and the date the plan was last amended.

Business Continuity Business Continuity Management Policy

NOS for Network Support (903)

Internal Audit Report Disaster Recovery / Business Continuity Planning

Project Risk Analysis toolkit

RISK MANAGEMENT PLAN APRIL M:\MAPPS\RiskManagementPlanApr10.doc Page 1 of 5

Business Continuity Policy and Business Continuity Management System

CHAPTER 1: BUSINESS CONTINUITY MANAGEMENT STRATEGY AND POLICY

RISK ASSESSMENT. Australian Risk Management Standard AS/NZS 4360:200 defines a risk as;

Job description. Job title: Server Infrastructure Analyst 1

Information Services IT Security Policies B. Business continuity management and planning

Business Continuity Planning and Disaster Recovery Planning

BUSINESS CONTINUITY PLANNING

BUSINESS CONTINUITY MANAGEMENT POLICY

Business Continuity Plan Toolkit

Business Continuity (Policy & Procedure)

PROCESS FOR RISK ASSESSMENT

Waveney Lower Yare & Lothingland Internal Drainage Board Risk Management Strategy and Policy

Health & Safety Risk Assessment Guidance

Title: OHS Risk Management Procedure

Risk Register Policy and Procedure

Wirral Council: Job Role Descriptor HR USE ONLY

Business Continuity Policy

Business Continuity Management. Policy Statement and Strategy

BUSINESS CONTINUITY PLANNING

RISK MANAGEMENT POLICY

Tips and techniques a typical audit programme

Business Continuity Management Policy and Framework

39 GB Guidance for the Development of Business Continuity Plans

BUSINESS CONTINUITY STRATEGY

Risk Management Policy. Corporate Governance Risk Management Policy

Xavier Catholic College Risk Management - Policy & Procedure

BUSINESS CONTINUITY PLAN

Infrastructure Support Engineer Job Profile

Shankar Gawade VP IT INFRASTRUCTURE ENAM SECURITIES PVT. LTD.

BUSINESS CONTINUITY PLAN

Emergency Preparedness, Resilience and Response (EPRR)

Business Continuity & Disaster Recovery

Audit Committee, 28 November. HCPC Project Risk Management. Executive summary and recommendations. Introduction

River Stour (Kent) Internal Drainage Board Risk Management Strategy and Policy

Managing Risk in Procurement Guideline

It may also include denial of use of property, plant and equipment or the inability of employees to attend their place of work.

Information Governance Strategy 2015/16

Risk Management Policy and Process Guide

POLICY. 1) Business Continuity Management 2) Disaster Recovery 3) Critical Incident Management 4) Risk Management

Business/ Organisation Name

PAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA

Report of Cabinet Member for Finance and Strategy. Cabinet 21 January 2016 THE MOVE TO AN IN-HOUSE MANAGED ICT SERVICE

Incident Management Policy

Transcription:

Item 013.2b Essex Clinical Commissioning Groups Business Continuity Management System Business Impact Analysis Datasheet BIA Author: BIA Owner: Version: Daniel Hale - Head of Emergency Planning Draft Date ratified: Ratifying By: Essex CCG Integrated Emergency Preparedness Committee Annual Review Date: EP Review Date:

1.0 Service/Departmental Information CCG Service/ Department Director Service/ Department Manager Business Continuity Lead Department Contact Details (email, work & mobile number) Contact Details (email, work & mobile number) Contact Details (email, work & mobile number) E: T: M: E: T: M: E: T: M: Services / Products Activities Page 2 of 11

2.0 Business As Usual Operations The aim of this section is to document the routine business as usual working arrangements for the following: 2.1 Staffing The information should outline staffing information for each service / activity including the number of whole time equivalents, current work rota broken down by day, time and quantity of staff by pay band and any operational differences which may occur, such as work only undertaken by a morning shift/role. Service / Activity Total Number of Staff (WTE) 2.2 Location of Activity The information provided should list the physical areas used to undertake prioritised activities, and should be broken down by area/floor where appropriate. Location of Services / Activities (inc Building Name & Address) Building owned by (CCG/Trust/Community Site/3 rd Party) Services / Activities 2.3 Information Technology Systems The information provided should list the IT hardware, software and telephony equipment including quantities used within the location to undertake prioritised activities listed alphabetically. Service / Activity IT Hardware IT Application / Software (inc version) Telephony

2.4 Equipment The information provided should create a matrix of equipment including quantities for supplies, consumables and large/specialist pieces of equipment used to undertake the prioritised activities and listed alphabetically. This should also include any vital paper records. Service / Activity Equipment: 2.5 Key Dependencies The aim of this section is to define what key dependencies the department have during routine working: 2.5.1 Departmental The information provided should list any internal individuals within the department on whom there is a key dependency, such as specific skills, expertise or access not shared with others in the department, e.g user access to specific system. Name of individual/title of Role Nominated Deputy: Skills / expertise not shared with colleagues 2.5.2 Suppliers The information provided should list any internal departments and external organisations which provide a service, product or goods listed alphabetically. Service / Activity Internal Supplier Service/product or goods provided External Supplier Service/product or goods provided Page 4 of 11

2.5.3 Customers The information provided should list any internal departments and external organisations which receive a service, product or goods listed alphabetically. Service / Activity Internal Customer Service/product or goods received External Customer Service/product or goods received Page 5 of 11

3.0 Time Critical Periods / Service Priority The aim of this section is to agree what impact a disruption to the delivery of a service/product would have over time, so that the priority for service restoration can be established. A rating for each of the impact priorities over time should be given for each of the services, products and activities, using the following definitions: Impact Level Description Patient Experience / Outcome and Quality No impact to patient 0 None experience, outcome or quality 1 Insignificant Unsatisfactory patient experience not directly related to patient care 2 Minor Unsatisfactory patient experience - readily resolved Financial Cost/Loss No financial impact Adverse Publicity/ Reputation No adverse Publicity or reputational impact Business Objectives / Performance No impact to delivery of business objectives Small loss Rumours Minor delay in delivering some non-core business objectives Loss > 0.1% of budget Local Media - short term. Minor effect on staff morale. Inability to operate some non-core business objectives 3 Moderate Mismanagement of patient care, short term effects (less than a week) 4 Major Serious mismanagement of patient care, long term effects (more than a week) 5 Catastrophic Totally unsatisfactory Patient outcome or experience Loss > 0.25% of budget Loss > 0.5% of budget Loss > 1% of budget Local media - long Term. Significant effect on staff morale. National Media <3 days National Media >3 days. MP concern (questions in the House) Ability to only operate/provide core business objectives only Inability to operate/provide some core business objectives Inability to operate/provide any core business objectives Service/Product/Activity Impact Priorities Patient Safety / Outcome Financial Cost/Loss Reputation Business Objectives Priorities 0 Hour 4 Hours 1 Day 3 Days 1 Week 2 Weeks 3 Weeks 1 Month 1+ Months Page 6 of 11

3.1 Minimum Business Continuity Objectives This section will establish the Minimum Business Continuity Objectives for each service, based upon the Critical Time Periods and Service Priorities. Service Minimum Business Continuity Objective Page 7 of 11

4.0 Minimum Business Continuity Objectives The aim of this section is to agree what resources would be required to fulfil the Minimum Business Continuity Objectives to be achieved for prioritised activities, during the recovery phase from a business continuity incident to ensure the safe and effective continuation of healthcare commissioning and management. The information gathered under business as usual operations (Section 7.1) should be reviewed to state the MBCO for each category. 4.1 Staffing The information provided staffing information for each service / activity including the number of whole time equivalents, current work rota broken down by day, time and quantity of staff by pay band and any operational differences which may occur, such as work only undertaken by a morning shift. Service / Activity Total Number of Staff (WTE) 4.2 Location of Activity The information provided should list the physical areas used to undertake prioritised activities and should be broken down by area/floor where appropriate. Location of Services / Activities (inc Building Name & Address) Building owned by (CCG/Trust/Community Site/3 rd Party) Services / Activities 4.3 Information Technology Systems The information provided should list the IT hardware, software and telephony equipment including quantities used within the location to undertake prioritised activities listed alphabetically. Service / Activity IT Hardware IT Application / Software (inc version) Telephony Page 8 of 11

4.4 Equipment The information provided should create a matrix of equipment including quantities for supplies, consumables and large/specialist pieces of equipment used to undertake the prioritised activities and listed alphabetically. This should also include any vital paper records. Service / Activity Equipment: 4.5 Key Dependencies The aim of this section is to define what key dependencies the department have during routine working; 4.5.1 Departmental The information provided should list any internal individuals within the department on whom there is a key dependency, such as specific skills, expertise or access not shared with others in the department, e.g user access to specific system. Name of individual/ Title of Role Nominated Deputy: Skills / expertise not shared with colleagues 4.5.2 Suppliers The information provided should list any internal departments and external organisations which provide a service, product or goods listed alphabetically. Service / Activity Internal Supplier Service/product or goods provided External Supplier Service/product or goods provided Page 9 of 11

4.5.3 Customers The information provided should list any internal departments and external organisations which receive a service, product or goods listed alphabetically. Service / Activity Internal Customer Service/product or goods received External Customer Service/product or goods received Page 10 of 11

5.0 Risk Assessment This section lists the disruptive events to prioritised activities using the likelihood descriptors of the Corporate Risk Register. Risk I L R Mitigation I L R Outcomes, evidence and residual risk

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information