UNIVERSITY OF ABERDEEN ADVISORY GROUP ON BUSINESS CONTINUITY & RESILIENCE BUSINESS CONTINUITY POLICY

Similar documents
Business Continuity Management Policy. Guidance

NOT PROTECTIVELY MARKED BUSINESS CONTINUITY. Head of Protective Services Specialist Operations. Business Continuity Manager

WILTSHIRE POLICE FORCE POLICY

Business Continuity. Building a Program Fit for Purpose

Exercise Tangaroa Evaluation Plan. V1.0 4 February 2016

Corporate policy. Business Continuity Management Policy. Issue sheet

Melanie Quinlan, Business Continuity & Compliance Manager, Resources & Quality Assurance

National Ambulance Service 1 of 21 NAS Headquarters Version th September 2011 Authorised by NAS Leadership Team

The Newcastle upon Tyne Hospitals NHS Foundation Trust. Business Continuity Management Policy

RISK MANAGEMENT STRATEGY

GUIDANCE NOTE FOR DEPOSIT TAKERS (Class 1(1) and Class 1(2))

Business Continuity Policy

JOB DESCRIPTION SALARY: 36,004

Risk Management Strategy

Strategic Planning for Recovery Director s Guideline for Civil Defence Emergency Management Groups [DGL 20/17]

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE MANAGEMENT FRAMEWORK

Public Information Manager

Update from the Business Continuity Working Group

POSITION DESCRIPTION HUMAN RESOURCES MANAGER

Job Description: CMAT Chief Operating Officer

Officer. Emergency Management. Competency Framework Role Map. Civil Defence Emergency Management

Job description. Details of the job. Strategic Planning Officer. Salary grade: Hours: 37. Location: Strategic Planning Manager.

Business Continuity Policy. Interim Governance Consultant. October Greenwich Executive Group

Area Manager, Protection

The Sector Skills Council for the Financial Services Industry. National Occupational Standards. Risk Management for the Financial Sector

Safer Recruitment Policy

Head of Security and Business Continuity

INFORMATION GOVERNANCE MANAGEMENT FRAMEWORK

BUSINESS CONTINUITY MANAGEMENT POLICY. Organisational

NSW DEPARTMENT OF EDUCATION AND COMMUNITIES

BUSINESS CONTINUITY AS A SERVICE

JOB DESCRIPTION. Challney High School for Boys and Community College

POL:10:EP:003:03:NIBT PAGE 1 of 7

BUSINESS CONTINUITY MANAGEMENT POLICY

IG01 Information Governance Management Framework

Disciplinary Policy and Procedure

REVIEW OF DISRUPTION TO THE RTGS SYSTEM ON 20 OCTOBER 2014: AN UPDATE TO THE BANK OF ENGLAND S RESPONSE SUMMARY

Risk & Resilience Coordinator

Job PLAN INTERNATIONAL UK JOB PROFILE

The post holder will be an employee of the Oxfordshire Diocesan Board of Finance on secondment to Thames Valley Police.

BUSINESS CONTINUITY MANAGEMENT POLICY

Job Description: Strategic Business Manager

Draft terms of reference for the Staff Forum and communicate relaunch.

Role Description Facilities Maintenance Coordinator

Work Health and Safety

SERVICE PROCEDURE NOVEMBER 2011

JOB DESCRIPTION. Community Led Local Development (CLLD) Programme Manager. The four CLLD Local Action Groups across Cornwall (Functional Management)

CANDIDATE BRIEF. Student Intern - Building Surveyor, Facilities Directorate

Protocol for Consultation with Trade Union Safety representatives.

This paper outlines the proposed community relations strategy to be used by the nominated undertaker during construction of Phase One of HS2.

Our Healthier South East London (OHSEL) The SEL STP. Programme Director: Community Based Care

Job title: Diversity & Inclusion Manager. Grade: PO 5. Role code: EBC0470. Status: Police Staff. Main purpose of the role:

Bowmer. & Kirkland. Kirkland. & Accommodation. Health & Safety Policy.

NARU. NHS Ambulance Services Emergency Preparedness, Resilience & Response. Quality Assurance Framework. National Ambulance Resilience Unit

Information Governance Policy

Business Continuity Management Policy and Procedure

Recruitment and Appointment Policy Responsible Officer. Executive Director, Human Resources Approved by

Compliance standard & framework

Response to Consultation on Governance Arrangements for the UPI: Key Criteria and Functions

Registered as a Scottish Charity - No. SC Job Description. Grade 8, Salary commences 25,339 per annum

Page1. Asbestos (Health & Safety) Policy. Issue Date 07/03/2017 Issue 1 Document No: 010 Uncontrolled when copied

Business Continuity Management for Singapore s Logistics Sector. By Singapore Business Federation and Singapore Logistics Association

Governance Leader POSITION DESCRIPTION 1 POSITION DETAILS. Governance / Finance & Governance. Date: October PURPOSE OF POSITION

GLASGOW WEST HOUSING ASSOCIATION PROCUREMENT STRATEGY

OH&S MANAGEMENT SYSTEM CHECKLIST - AS 4801:2001 (STATUS A = Acceptable; N = Not Acceptable; N/A = Not Applicable)

Health, Safety and Environmental Manager

Financial Reporting Council BDO LLP AUDIT QUALITY INSPECTION

ABERDEEN CITY COUNCIL

Asset Management Policy

The Integrated Support and Assurance Process (ISAP): detailed guidance on assuring novel and complex contracts

JOB DESCRIPTION. Agenda for Change Band 8a equivalent

JOB DESCRIPTION AMNESTY INTERNATIONAL INTERNATIONAL SECRETARIAT

UNIVERSITY OF ST ANDREWS POLICY ON WORK PLACEMENTS. Applies to all Undergraduate and Taught Postgraduate Students

Date: INFORMATION GOVERNANCE POLICY

PRE-SCHOOL LEARNING ALLIANCE 50 FEATHERSTONE STREET LONDON EC1Y 8RT. Registered as an Educational Charity JOB DESCRIPTION

Business Continuity Planning and Disaster Recovery Planning

JCU Business Continuity Management Plan

Senior Academy Business Manager

INFORMATION FOR CANDIDATES. Department of Education & Communities, NSW Executive Director, Learning and Teaching. November 2017

JOB DESCRIPTION. Pro-actively manage absence within the team, including being on-call in the event of sickness or as otherwise required.

International Project Manager (Team Programme, Jordan) Any UK Prince s Trust office or centre with frequent oversees travel

Pipelines Safety Regulations 1996

University of Birmingham

Retaining Wall Assessment and Prioritisation Paper

PROJECT COORDINATOR INSPIRE MENTAL HEALTH CONSORTIUM The job description does not form part of the contract of employment

Contribute towards school decisions regarding the development and improvement of the premises.

Policy Work Health and Safety (WHS) RCPA Introduction WHS legislation

Group Accountant (Children s Services)

ROLE DESCRIPTION. Strategic Procurement Manager

Establishing a Multi-Stakeholder Group and National Secretariat

Risk Management Policy

Industry Information Paper

Probation Policy and Procedure

GROUP BUSINESS CONTINUITY MANAGEMENT POLICY

Common Approach to Competency for Regulators

- Manage the delivery of a compliant, professional HR business service for WMAT.

Strategic Level Professional Capabilities

JOB DESCRIPTION FACILITIES MANAGER

Information Governance Policy and Management Framework

Transcription:

UNIVERSITY OF ABERDEEN ADVISORY GROUP ON BUSINESS CONTINUITY & RESILIENCE BUSINESS CONTINUITY POLICY 1 INTRODUCTION 1.1 The University of Aberdeen has a responsibility to ensure the health and welfare of its staff and students, and to minimise the disruption to critical business operations in the event of an incident or disaster. Although the Civil Contingencies Act 2004 does not apply to universities, it does promote the implementation of business continuity planning within all organisations, and there are increasing expectations that large organisations should have in place formal business continuity systems that prepare them for disruptive incidents in order to minimise the effects on the key services which they provide. 1.2 The purpose of this policy is to: Define and formalise the University s approach and commitment to business continuity; Clarify roles and responsibilities in relation to business continuity planning and management; Define the mechanism for reporting on the University s business continuity and emergency planning arrangements (including responsibility, frequency). 1.3 This policy will be reviewed and updated annually by the Advisory Group on Business Continuity & Resilience. It will support the University s overall strategic ambitions. 2 COMMITMENT 2.1 The University has established and will maintain a comprehensive business continuity management system (BCMS). International Standard ISO 22301 (Business continuity management) is widely regarded as setting out good practice in business continuity management and will inform the development of the University s business continuity arrangements. 2.2 The University has an established Risk Management process. The BCMS will operate in conjunction with this process to ensure that plans and resources are concentrated in the highest risk/business critical areas. 2.3 The University of Aberdeen s BCMS will include plans and resiliency measures that cover the areas of people, premises, technology, information, external services and suppliers. The scenarios that are planned for may be incidents that are local in nature, impacting on a single facility or section, or could have regional impact, with multiple University of Aberdeen facilities or sections in a geographic area being affected by the incident. 2.4 The types of disruptive incidents which are the most significant to the University will be identified, and business impact analysis and risk assessment will be applied to key services and supporting services, processes and resources. 2.5 The University of Aberdeen will: Establish business continuity strategies that align with the University s Strategic Plan; Establish and implement business continuity plans across all areas of business according to an agreed timeframe for delivery, with the level of planning undertaken proportionate to the impact that loss of service would have on the University s operations and strategic objectives; Develop business continuity measures for people, premises, technology, information, external services and suppliers; Co-ordinate with all internal and external stakeholders where appropriate; Page 1 of 5

Integrate the business continuity programme, where appropriate, with existing policies and procedures; Have an active Emergency Management Team (EMT) and Incident Response Teams with a robust incident management methodology, which is embedded into the organisation. 3 ROLES AND RESPONSIBILITIES 3.1 Senior Champion 3.1.1 A member of the University s senior management will be the Business Continuity Champion and will oversee the University's arrangements for business continuity planning. 3.2 Advisory Group on Business Continuity & Resilience 3.2.1 An Advisory Group on Business Continuity & Resilience has been established to: Advise University management on matters relating to business continuity policy and actions necessary to implement University policy; Monitor the extent of compliance with the University s Business Continuity Policy; Facilitate discussions between units within the University on interdependencies regarding matters of business continuity; Receive regular feedback from Schools and Professional Services on resilience issues; Report at least annually to the University Management Group and after incidents; Oversee the maintenance and coordination of the University s Emergency Management Plan and bring to University Management Group attention matters relating to its arrangements. 3.2.2 The Group will meet at least three times per year and more frequently if circumstances require it. 3.3 Schools and Professional Services 3.3.1 Business continuity plans have been developed by individual Schools and Professional Services for business critical areas. It is expected that, as part of the continuous development of a comprehensive BCM system, all Schools and Directorates will establish and implement business continuity plans according to an agreed timeframe for delivery, with the level of planning undertaken proportionate to the impact that loss of service would have on the University s operations and strategic objectives. Schools and Professional Services will be required to provide the Advisory Group on Business Continuity & Resilience with regular updates on business continuity planning. Heads of School and Heads of Professional Services will ensure that all members of staff are made aware of the arrangements which are relevant to them and of the plans in which they will have roles. 3.3.2 Those responsible for negotiating and managing contracts which relate to key services and supplies should give necessary consideration to the inclusion of business continuity conditions in those contracts to help ensure that the contractor is able to deliver acceptable levels of service following a disruptive incident affecting the University and/or the contractor. This includes transnational education arrangements, where consideration needs to be given to incident response and recovery procedures and any legislation in the country where there may be specific health and safety requirements relating to incident response. Where satellite locations will share systems used in Aberdeen, for example, consideration should be given as to how an incident in Aberdeen may impact on functions overseas, and put in place necessary arrangements to minimise the impact of the incident on critical services. Consideration should also be given as to how communication with overseas stakeholders would work in the event of an incident. 3.3.3 There is an overarching University Emergency Management Plan describing the central arrangements for responding to major disruptive incidents, managing the effects on the University s business and the circumstances in which business continuity plans should be invoked. Page 2 of 5

3.3.4 Plans will be reviewed annually and will be subject to test and exercise at least once every two years. A formal business impact analysis review will be undertaken at least once every three years. 4 CO-ORDINATORS 4.1 Central Business Continuity Coordinator 4.1.1 The University has a Central Business Continuity Coordinator to have strategic oversight of the development and implementation of the University s business continuity and emergency planning arrangements Provide support and guidance to Schools and Professional Services on business continuity planning and emergency planning matters; Work across all services to ensure interdependencies are recognised and a consistent approach is applied across the University; Monitor standards and compliance with the policy across the University; Deliver training and exercises; Liaise with external stakeholders to support the maintenance and development of the University s arrangements; Maintain knowledge and understanding of relevant standards, guidance, and legislation; Develop and maintain the University s Emergency Management Plan. Continual review of the BCMS and Emergency Management Plan to ensure they remain fit for purpose, recommending improvements where necessary. 4.2 Local Business Continuity Coordinators 4.2.1 In addition, each School and Professional Service that holds a business continuity plan will appoint a member of staff to the role of local business continuity coordinator to provide support and guidance on business continuity planning at a local level. Local business continuity coordinators will be responsible for developing and maintaining local business continuity Plans, and will be supported by the Central Business Continuity Coordinator in undertaking this role. Updated October 2017 APPROVALS DATE Business Continuity Management Working Group 27 May 2011 University Management Group 30 June 2011 Operating Board 21 October 2011 Review by: Advisory Group on Business Continuity & Resilience 21 October 2011 10 October 2013 05 December 2014 07 October 2016 06 October 2017 Page 3 of 5

APPENDIX A Organisational structure for planning for business continuity Operating Board Business Continuity Champion Colleges Advisory Group on Business Continuity & Resilience Professional Services Responsibility Advisory Organisational structure for responding to an emergency or other major disruptive incident Emergency Management Team Incident Response Team(s) Communications Recovery Team(s) Manager at site of incident University Helpline Staff undertaking recovery Page 4 of 5

Metadata Title Business Continuity Policy Author Ashley Kirby, Policy & Planning Adviser Owner Advisory Group on Business Continuity & Resilience Date Published / Approved October 2011, University Operating Board Version Version 5 Date for next review Audience October 2018 (annually) by AGBC&R Staff Related Documents Subject / Description Equality Impact Assessment Section Emergency Management Plan, Business Continuity Plans; Advisory Group on Business Continuity & Resilience Remit and Composition A statement detailing the University s business continuity management system and commitment to ensure its preparedness for disruptive incidents. N/A Estates and Facilities Theme Business Continuity and Emergency Planning Page 5 of 5

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback