This document defines the Business Continuity Management Policy for the Company.
The Company is committed to maintaining the continuity of its business in the event of an incident which causes major disruption. To achieve this, the firm has established Business Continuity Management (BCM) as an integral part of the firm’s normal continuity business operations. Plans should be drafted, published and tested for key services as agreed by the Business resilience team within Business Security function.
The statements within this policy shall also apply to all personal data processed by the Company. “Processing” in this context means any operation concerning personal data throughout the information lifecycle; this includes but is not limited to personal data collected, stored, viewed, transferred, analyzed or communicated in hard copy, oral or electronic form.
This policy applies to all staff accessing the Company’s physical and electronic infrastructure, and to all Company’s confidential information (including any personal data) held by the Company.
CONTENT
1. OVERVIEV
1.1 PROCEDURE OWNER
1.2 CLASSIFICATION
1.3 APPLICABLE REGULATIONS
1.4 RELATED [COMPANY] NORMS AND PROCEDURES
1.5 OBJECTIVES
1.6 AUDIENCE AND SCOPE
1.7 DOCUMENT SUPPORT
2. DEFINITIONS & ABBREVIATIONS
3. BUSINESS CONTINUITY MANAGEMENT
3.1 GOVERNANCE AND REPORTING
3.2 ANALYSIS
3.3 RISK ASSESSMENT
3.4 PLANS
3.5 PROVISION
3.6 VALIDATION AND CONTINUOUS IMPROVEMENT
3.7 EDUCATION AND AWARENESS
3.8 THIRD PARTY SUPPLIERS
3.9 INCIDENT RESPONSE
3.10 CRISIS MANAGEMENT
3.11 ADHERENCE
3.12 MAINTENANCE
4. RESPONSIBILITIES
4.1 BUSINESS SECURITY
4.2 THE BUSINESS CONTINUITY TEAM
4.3 SERVICE LINE AND INTERNAL DEPARTMENT BUSINESS CONTINUITY CORE TEAMS
4.4 SERVICE LINE AND INTERNAL DEPARTMENT BUSINESS UNIT RECOVERY TEAMS
4.5 IT SERVICES
5. EXCEPTIONS
6. FINAL CONSIDERATIONS
6.1 DISCIPLINARY ACTIONS AGAINST PROCEDURE VIOLATION
6.2 DOCUMENT REVISION
Pages: 12
This bundle contains all the products listed in the Operations Management section. Take advantage of the 25% OFF when buying the bundle!
The Data Protection Policy outlines the principles that must generally be complied with when processing personal data, in particular when transferring such data. The objective of this policy is to ensure compliance with legal requirements when processing personal data.
The Public Cloud Security Standard (the Standard) establishes security requirements and controls to maintain the Confidentiality, integrity, and availability of the Company’s data in the public cloud.
Review Business Continuity Management Policy – Template 2.
You must be logged in to post a review.