Business Cntinuity Management Plicy Versin: 1.0 Last Amendment: Apprved by: Library Cuncil f New Suth Wales Plicy wner/spnsr: Directr, Operatins and Chief Financial Officer Plicy Cntact Officer: Senir Prject Officer, Planning r Manager, Enterprise Infrmatin Strategy Plicy N: PD/41 TRIM File N: 50419 Date apprved: 20/10/2014 Next review: 01/08/2014 1. Summary The Library Cuncil f New Suth Wales (incrprating the State Library f NSW, State Library f New Suth Wales Fundatin and the Library Cuncil f NSW Staff Agency) has adpted the Business Cntinuity Management (BCM) Framewrk articulated in this plicy and endrsed by the Library s Audit and Risk Cmmittee. The BCM framewrk and assciated plan and plicy will be reviewed n an annual basis. 2. Plicy statement The Library Cuncil f NSW and the State Library Executive recgnises that Business Cntinuity Management is a cre cmpnent f gd gvernance and is an integral part f the Library s Enterprise Risk Management Framewrk. The Library Cuncil f NSW and the State Library Executive are cmmitted t achieving best practice in risk management and applying these principles and practices in its peratins in accrdance with AS/NZS ISO 31000:2009 Risk Management Principles and Guidelines and AS/NZS: 5050:2010 Business Cntinuity Managing Disruptin-Related Risk. Effective management f business cntinuity ensures that the Library is able t deliver essential and critical services fllwing a disruptive event. Business cntinuity management supprts the State Library s strategic peratinal bjectives and gals. Majr business cntinuity risks that culd ptentially r actually disrupt cre business activities r damage assets, will be identified, and preventative and respnsive recvery strategies and plans will be develped and implemented t minimise business interruptin. The key elements f the Library s BCM Plan in rder f pririty are: safety and welfare f peple preservatin f cllectins cntinuity f services reputatin and cmpliance The Library has implemented a tw tier respnse structure, cmprising f Red and Yellw Disaster Respnse teams, t take int accunt either partial r cmplete activatin f the BCM plan due t the severity f the disruptive event. The BCM Business Cntinuity Management Plicy BCMPlicy_v1.0_2014-10-08.dcx 1/5
Plan is hsted externally fr accessibility purpses in the event f a majr disruptin. This plicy is applicable t Library Cuncil, State Library Executive and all State Library staff. 3. Legislative and Plicy Framewrk Relevant legislatin: Gvernment Sectr Emplyment Act 2013 Library Act 1939 Public Finance and Audit Act 1983 State Recrds Act 1998 Related and/r relevant State Library and gvernment plicies State Library Business Cntinuity Management Plan State Library Cde f Cnduct (Staff and Library Cuncil) State Library Enterprise Risk Management Framewrk and Plicy State Library Infrmatin Security Plicy State Library Preservatin Plicy State Recrds Authrity f NSW Standard N. 4 Standard n digital recrdkeeping State Recrds Authrity f NSW Standard N 6 Standard n cunter disaster strategies fr recrds and recrdkeeping systems State Recrds Authrity f NSW Standard N. 11 Standard n the physical strage f State Recrds. NSW Premier and Cabinet Circular C2003-17 Prtecting the archival heritage f the State NSW Premier and Cabinet Memrandum M2007-15 Wrking Arrangements in an Influenza Pandemic NSW Premier and Cabinet Memrandum M2012-15 Digital Infrmatin Security NSW Treasurer s Plicy Papers TPP12-03 A, B & C Risk Management Tlkit fr NSW Public Sectr Agencies Related Australian and Internatinal Standards ISO 9001 Quality Management AS/NZS 5050:2010 Business Cntinuity Managing Disruptin-Related Risk AS/NZS ISO 31000:2009 Risk Management Principles and Guidelines AS ISO 15489.1:2002 Recrds Management General AS ISO 15489.2:2002 Recrds Management - Guidelines AS 3745 Planning fr Emergencies in Facilities 4. Definitins and acrnyms BCM Business Cntinuity Management BCP Business Cntinuity Planning DR Disaster Respnse 5. Respnsibilities The Library Cuncil f NSW is respnsible fr apprval f the BCM Framewrk and Plicy. Business Cntinuity Management Plicy BCMPlicy_v1.0_2014-10-08.dcx 2/5
The Library s Audit and Risk Cmmittee is respnsible fr reviewing whether a sund and effective apprach has been fllwed in establishing the State Library s business cntinuity planning arrangements, including whether disaster recvery plans are in place and tested peridically. The NSW State Librarian & Chief Executive is respnsible fr: ensuring that an effective BCM Prgram is established, implemented and maintained reviewing the BCM Framewrk and Plicy prir t it being frwarded t the Library Cuncil f NSW fr apprval ensuring that business cntinuity is integrated int the crprate planning and cmpliance prcesses f the Library delegating authrity t the Directr Operatins & Chief Financial Officer and ther fficers as apprpriate apprving the Disaster Respnse Management Team Structure during a disaster: act as the media spkespersn n behalf f the Library brief Gvernment and Library Cuncil where necessary, n the circumstances and impact f the disaster n the Library. The Directr, Operatins & Chief Financial Officer is respnsible fr: the develpment, maintenance and nging review f the BCM prgram cnducting an annual review f the BCM Plan implementing peridic testing f the BCM Plan and reprting n test results and prgram imprvement t the NSW State Librarian & Chief Executive and t the Audit and Risk Cmmittee implementing a gvernance structure including a DR management team t versee BCM peratinal activities cmmunicating the BCM framewrk and plicy thrughut the Library prviding supprt, resurces and funding t ensure all relevant staff receive apprpriate training ensuring a suitable and trained Directr is appinted t act as a Deputy t the Directr, Operatins & Chief Financial Officer and t act in their stead in the absence f the Directr when apprpriate: declare an event a Disaster activate the BCM Plan assume the rle f the Red DR team Disaster Cntrller and prvide verall management f all respnse and recvery activities n behalf f the Library Divisinal Directrs are respnsible fr: verseeing the develpment f any divisinal BCM sub-plans required as part f the verall BCM prgram updating and maintaining specific divisinal BCM plans as apprpriate participating in BCM tests and training wrkshps reviewing and reprting n the currency f divisinal BCM plans and prcesses verseeing the annual review f the BCM Plan as it relates t their divisin Business Cntinuity Management Plicy BCMPlicy_v1.0_2014-10-08.dcx 3/5
establish apprpriate sub-cmmittees / wrking grups such as the Cllectin Services Cunter Disaster Management Cmmittee, t facilitate divisinal cunter disaster management activities ensuring a suitable and trained Manager is appinted t act as a Deputy t the Divisinal Directr and t act in their stead in the absence f the Directr during a disaster: assume the rle f Divisinal Team Leader and prvide verall management f all respnse and recvery activities n behalf f the Divisin reprt t the Red DR team Disaster Cntrller The Manager, Facilities and Security is respnsible fr: crdinating all BCM tests and simulatins n behalf f the Directr Operatins & Chief Financial Officer crdinating and implementing any BCM Plan revisin r review during a disaster: activate the Library s Yellw Level BCM plan as relevant act as the Yellw DR team Disaster Cntrller n behalf f the Library fr all Yellw Level disaster events. Managers and Supervisrs are respnsible fr: implementing dcumented and apprved BCM plans as directed by their Divisinal Directr participating in BCM tests and simulatins prviding feedback, imprvement in relatin t actual BCM perfrmance pst any test, simulatin r actual event during a disaster manage respnse and recvery activities within their areas f respnsibility during a disaster. Staff are respnsible fr assisting managers and supervisrs with the implementatin f the BCM Plan within their wrk areas and cmplying with the plicy and framewrk requirements. 6. Recrdkeeping Full and accurate recrds f all disaster management activities are t be maintained securely and registered in the State Library s recrdkeeping systems in accrdance with the Recrds Management Plicy and the State Recrds Act 1998. 7. Reprting requirements The BCM Plan shall be reviewed annually r ften as changes require, with ntificatin f changes t the Directr, Operatins & Chief Financial Officer. All majr updates shuld be incrprated as sn as pssible and nt held t satisfy a pre-arranged schedule. Reprting business cntinuity planning status and prgress is a key element f creating an effective BCM prgram. The Directr, Operatins & Chief Financial Officer shall reprt the status and prgress f the BCM prgram t the Audit and Risk Cmmittee n an annual basis r after every BCM test. Business Cntinuity Management Plicy BCMPlicy_v1.0_2014-10-08.dcx 4/5
8. Apprval This plicy was apprved by the Library Cuncil f New Suth Wales n 20 Octber 2014 fllwing endrsement by the Executive n 22 July 2014 and the Audit and Risk Cmmittee 26 September 2014. 9. Implementatin This plicy is implemented n 20 Octber 2014. 10. Prepared by: Senir Prject Officer, Planning and Manager, Enterprise Infrmatin Strategy 16 July 2014. 11. Dcument Histry and Versin Cntrl Versin Date apprved Apprved by Endrsed by Brief descriptin 1.0 22 July 2014 26 September 2014 20 Octber 2014 Executive fr Audit and Risk Cmmittee endrsement Library Cuncil f New Suth Wales Audit and Risk Cmmittee First release Business Cntinuity Management Plicy BCMPlicy_v1.0_2014-10-08.dcx 5/5