Radio New Zealand Te Reo Irirangi O Aotearoa
|
|
- Shanon Reynolds
- 6 years ago
- Views:
Transcription
1 Radio New Zealand Te Reo Irirangi O Aotearoa Business Continuity Management Document Set 02 Incident Management Framework
2 03 Business Continuity Plan Version 0.1 **Doc Released** Valid until February 2011 New Zealand Food Safety Authority 03 - Business Continuity Plan THIS DOCUMENT IS UNCONTROLLED IN HARD COPY FORM Page 2
3 This document was developed in consultation with Radio New Zealand by BCM International Limited
4 CONTENTS PREFACE A DOCUMENT CONTROL... A-1 Issue and amendment... A-1 Document Security... A-1 Revision Record... A-1 Distribution List... A-1 Associated Documents... A-1 PREFACE B ABBREVIATIONS & ACRONYMS...B-1 Abbreviations...B-1 PREFACE C TERMS & DEFINITIONS... C-1 1 INCIDENT MANAGEMENT FRAMEWORK Purpose of this document Overall strategies IMF RESILIENCE MODEL ESCALATION & EVOCATION Escalation Incident Levels Evocation INCIDENT ACTIVATION CHART INCIDENT MANAGEMENT TEAM IMT MEMBERS ROLES & RESPONSIBILITIES...6 THIS DOCUMENT IS UNCONTROLLED IN HARD COPY FORM Page I
5 PREFACE A DOCUMENT CONTROL Issue and amendment This Plan is a Controlled Document. The Deputy Chief Executive (DCE) is the owner of the Business Continuity Plan (BCP) and is responsible for ensuring that the Plan is regularly reviewed and updated. Managers are responsible for ensuring that their business continuity action plans are reviewed and updated regularly. Document Security The careful management of information contained in this and other management plans of Radio NZ s Incident Management System (IMS) is paramount to avoid any compromise in security or privacy. In this regard, all RNZ personnel must exercise due care when passing and storing information pertaining to the IMS. This document is classified CONFIDENTIAL and is to be treated accordingly. BCP documents are not to be shared with anyone outside Radio NZ, including insurers and auditors, without the approval of the CE or DCE. If approval is given a summary document may be prepared for them. Revision Record Rev Date Revision Author Approved by Distribution List Rev Date Issued to: Approved by Associated Documents Document Name Reference Owner THIS DOCUMENT IS UNCONTROLLED IN HARD COPY FORM Page A-1
6 PREFACE B ABBREVIATIONS & ACRONYMS Abbreviations BC BCM BCP DCE ERT IMT Business Continuity Business Continuity Management Business Continuity Plan Deputy Chief Executive Emergency Response Team Incident Management Team THIS DOCUMENT IS UNCONTROLLED IN HARD COPY FORM Page B-1
7 PREFACE C TERMS & DEFINITIONS The Incident Management System (IMS) and its component response and recovery plans have the following definitions: Business Continuity Plan Business Continuity Planning Crisis Disaster Emergency Incident Management Team The documented methodology for addressing significant business interruption incidents (disasters / emergencies) impacting business critical resources and systems. Business Continuity Planning is the process utilised to ensure the uninterrupted availability of all key resources to support essential business processes. It involves identifying and documenting preventative treatments for continuity risks that can be routinely managed and developing response continuity and recovery plans to deal with the consequences, should the preventative treatments fail. A Crisis can generally be interpreted as a major negative incident that has the potential to significantly impact or destabilise the business. The incident could affect personnel, operations and business continuity, attract intense scrutiny from various stakeholders and jeopardise the organisation s image. Due to their size and impact, crisis incidents fall outside the normal business contingency and emergency response arrangements. A generic term used to describe: An incident that makes it difficult or impossible for an organisation to conduct normal business activities for an extended period An unexpected unplanned incident or incident that causes serious damage or loss to the business A point in time when management decides to divert from normal operations and exercises the emergency management and business continuity plans In the Incident Management System (IMS), a disaster encompasses crisis, emergency and business continuity incidents. An Emergency is a sudden, abnormal incident requiring precise and timely operational action to control, retain and restore to normal conditions. It may relate to people, property or any business activities. Depending on the size and impact, an emergency can become a crisis though the vast majority do not. Once the situation is controlled and rendered safe, the emergency is over. Incident Management Team comprises staff responsible for managing recovery and continuity actions arising from interruptions to business critical resources and systems in accordance with the provisions of the BCP. THIS DOCUMENT IS UNCONTROLLED IN HARD COPY FORM Page C-1
8 1 INCIDENT MANAGEMENT FRAMEWORK 1.1 Purpose of this document This document describes how the Incident Management Framework provides Radio New Zealand with an integrated suite of Emergency Response, Crisis Management and Business Continuity plans, to enable Radio New Zealand to act quickly, decisively and intelligently in any disaster or emergency situation, ensuring an appropriately-measured level of response and recovery actions, depending on the nature, location and potential gravity of any given incident. 1.2 Overall strategies Business continuity and recovery actions for any significant disruptive incident follow on from the emergency response phase of a disruption. The Incident Management Team takes responsibility for coordinating the continuity and recovery actions of those affected, assisting them to reestablish firstly the most critical business functions, then with the actions for recovery and return to normal operations. THIS DOCUMENT IS UNCONTROLLED IN HARD COPY FORM Page 1
9 2 IMF RESILIENCE MODEL The IMF model shows the framework for Emergency Response, Business Continuity and Crisis Management Plans. The model demonstrates how, through pre-planning, Radio New Zealand will build a capability to successfully manage a significant disruptive incident through the stages outlined in the model. The model highlights key areas for consideration in planning the strategic approach to each phase of the incident from commencement through recovery to conclusion. THIS DOCUMENT IS UNCONTROLLED IN HARD COPY FORM Page 2
10 3 ESCALATION & EVOCATION 3.1 Escalation The requirements of any given situation will vary. Notification and escalation of significant disruptive incidents occurs through normal management reporting lines. RNZ staff are required to immediately report incidents to their Manager or Supervisor, who will decide on the appropriate emergency response requirements. As soon as it is practicable to do so, the Incident Management Team (IMT) Leader will be contacted. 3.1 Incident Levels The three levels of business continuity incidents are as follows: Level 1. (Minor) A disruptive incident that can be handled by the business emergency response standard operating procedures. It is not likely to last more than 72 hours. The IMT leader will be notified and monitors incident. Level 2. (Major) A disruptive incident that may last up to two weeks. It may involve all or part of the Incident Management Team. Level 3. (Severe) A disruptive incident that by its nature is likely to last longer than 2 weeks causing a significant disruption to the business. It results in a full activation of the Incident Management Team. 3.2 Evocation Confirmation of the incident level and responsibility for managing the incident will be made by the Incident Management Team (IMT) leader (Pilot) in conjunction with the DCE who will implement callout of the IMT members. Once the IMT has been activated the Incident Directors will structure the response according to the location and type of incident using the guidelines set out in the Business Continuity Plan (BCP). Once the direction for managing the incident is established, major focus will transfer to those responsible for managing and implementing the necessary operational actions in accordance with the directions in their Action Plans which are part of the BCP document. RNZ s approach to managing disasters / emergencies is prudent over-reaction, assessment and de-escalation. All relevant personnel are notified and made ready to be mobilised when an Incident Level is declared. Incidents will be managed at the lowest practical level. THIS DOCUMENT IS UNCONTROLLED IN HARD COPY FORM Page 3
11 4 INCIDENT ACTIVATION CHART EVENT EMERGENCY REPONSE IMT Recovery Director Notified. Incident Assessed Activation Level Agreed Level 1 Minor 0-72 Hours Level 2 Major 72 Hours 2 Weeks Level 3 Severe > 2 Weeks Emergency response team handles incident IMT activated. Strategy Team on standby. Immediate activation Emergency Response, IMT, Strategy Teams Incident managed as required. IMT Leader monitors IMT Leader activates Command Centre Establish IMT Command Centre IMT Leader escalates if necessary to next level IMT undertakes continuity & recovery actions. Reports to Strategy Team IMT undertake continuity & recovery actions. Strategy Team handles strategic issues No escalation. Incident managed to conclusion IMT manages incident to conclusion All manage incident to conclusion On conclusion IMT Leader conducts a formal review & reports to Leadership Team with recommendations THIS DOCUMENT IS UNCONTROLLED IN HARD COPY FORM Page 4
12 5 INCIDENT MANAGEMENT TEAM Radio NZ - Incident Management Team Legal External Communications John Barr DCE Ken Laws Secretariat Heather Abbott Strategy Layer Tactical Layer Incident Directors Recovery Coordinator Helen Galbraith Pilot John Howson Co Pilot Simon Dickinson Mathew Finn Secretariat Operational Layer Operations Support Emergency Liaison Command Centre News Don Rood Finance Richard Young Affected Site Recovery Liaison Recovery Site Networks Hewitt Humphrey Broadcast Infrastructure Ian Bull Gary Fowles Computer Services Alex Mitchell Auckland Office Linda Ellen Whittaker HR Jann Sampson Communications John Barr Administration Matt Taylor Lifelines & CDEM Pandemic THIS DOCUMENT IS UNCONTROLLED IN HARD COPY FORM Page 5
13 6 IMT MEMBERS ROLES & RESPONSIBILITIES Deputy Chief Executive (DCE) Declare Emergency & activate IMT Liaison point for RNZ Crisis Management Team Media Spokesperson (if required) Assist in significant decision making Assist with negotiations / troubleshoot major problems Explore all strategic options Consider international / industry-wide view Provide final call on all policy issues Recovery Coordinator Activate Command Centre & supervise set up Liaise with on site liaison requests / information Support / assist the Recovery Directors Project manage delegated task implementation Arrange IMT meetings / attendees / agenda Chart useful information / task summaries / facts Ensure issues are addressed not overlooked Assist enforce Command Centre discipline HR Team Communicate with staff Account for staff, contractors & visitors Supply HR information Notify family of staff injury / death Identify, monitor progress of & visit casualties Counsel staff suffering shock Rehabilitate staff back into workplace Monitor temporary work environment Communications Team Control all internal & external stakeholder communications Control all media contact Gather relevant facts / updates Develop media strategy Develop the set of key messages Draft / script consistent detailed key messages Coordinate & quality control all formal communications Liaise with media monitoring company Determine communications risks Prepare media spokesperson Chair media forums, CEO introduction & questions Recovery Director Pilot Declare Emergency & activate IMT absence Activate the Command Centre Chair IMT meetings Project manage the response & recovery activities Gather information, formulate options, make decisions & delegate tasks Seek support from the DCE if away from IMT Escalate significant decisions to RNZ CEO DCE Secretariat Assist the CEO as instructed Minute CEO actions & decisions outside IMT meetings Provide CEO minutes to IMT Secretariat Legal Team Ensure compliance with laws & regulations Advise IMT on legal issues Coordinate activities with external specialist legal expert advisers as required Suggest ways to minimise legal exposure Legal vetting of formal communications Establish & supervise IMT Secretariat system Monitor & review the appropriateness of IMT minutes Finance Team Streamline / fast track emergency procurement Optimise procurement value for money Communicate preferred supplier details to buyers Continue salary payments Provide expenditure estimates Process expense expenditures & receipts Organise transportation of resources Book personnel transport & accommodation Communicate insurance cover & deductibles to IMT Establish petty cash float & expenditure system Process insurance claims Recovery Director - Co-Pilot Support the Recovery Director - Pilot Stand in for Recovery Director Pilot if absent Assist in activating IMT members Co-chair IMT meetings Assist with complex problem solving Research options time permitting Solicit input to complex decisions IMT Secretariat Record actions & decisions at all meetings as official minutes Record details of all Recovery Director discussions outside formal meetings Log all significant events Produce typed minutes IT Team Assess damage / identify nature of problems Specify technology environment restoration needs Restore IT hardware, communications, system software, applications, security & data Redirect / restore telephony fixed & mobile Maintain working from home user support Maintain / develop new IT backup site Emergency Site Liaison Account for staff & identify casualties Track casualty details & where taken to Liaise with Emergency Services Provide regular updates to IMT Recovery Coordinator Request information from IMT via Recovery Coordinator Conduct street level building damage assessment physical damage, power, AC, lifts, windows etc. Report to IMT any media interest at the scene THIS DOCUMENT IS UNCONTROLLED IN HARD COPY FORM Page 6
Business Continuity Policy
Business Continuity Policy Version Number: 3.6 Page 1 of 14 Business Continuity Policy First published: 07-01-2014 Amendment record Version Date Reviewer Comment 1.0 07/01/2014 Debbie Campbell 2.0 11/07/2014
More informationNHS Gloucestershire Clinical Commissioning Group. Business Continuity Strategy
NHS Gloucestershire Clinical Commissioning Group 1 Document Control Title of Document Gloucestershire CCG Author A Ewens (Emergency Planning and Business Continuity Officer) Review Date February 2017 Classification
More informationINFORMATION SECURITY- DISASTER RECOVERY
Information Technology Services Administrative Regulation ITS-AR-1505 INFORMATION SECURITY- DISASTER RECOVERY 1.0 Purpose and Scope The objective of this Administrative Regulation is to outline the strategy
More informationPolicy. Business Resilience MB2010.P.119
MB.P.119 Business Resilience Policy This policy been prepared by the Bi-Cameral Business Risk and Resilience Group and endorsed by the Management Boards of both Houses. It is effective from December to
More informationBusiness continuity management and cyber resiliency
Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International. Business continuity management and cyber resiliency Introductions Eric Wunderlich,
More informationSAMPLE REPORT. Business Continuity Gap Analysis Report. Prepared for XYZ Business by CSC Business Continuity Services Date: xx/xx/xxxx
SAMPLE REPORT Business Continuity Gap Analysis Report Prepared for XYZ Business by CSC Business Continuity Services Date: xx/xx/xxxx COMMERCIAL-IN-CONFIDENCE PAGE 1 OF 11 Contact Details CSC Contacts CSC
More informationREPORT 2015/010 INTERNAL AUDIT DIVISION
INTERNAL AUDIT DIVISION REPORT 2015/010 Audit of information and communications technology strategic planning, governance and management in the Investment Management Division of the United Nations Joint
More informationProcess Definition: Security Services
Process Definition: Services 1. SUMMARY Process Definition: Services 1.1. This document defines the processes provided by the Services team in detail. 1.2. The relationship between this Business Unit process
More informationInformation Security Incident Response Plan
Information Security Incident Response Plan Purpose It is the objective of the university to maintain secure systems and data. In order to comply with federal, state, and local law and contractual obligations,
More informationInformation Security Data Classification Procedure
Information Security Data Classification Procedure A. Procedure 1. Audience 1.1 All University staff, vendors, students, volunteers, and members of advisory and governing bodies, in all campuses and locations
More informationComputer Security Incident Response Plan. Date of Approval: 23-FEB-2014
Computer Security Incident Response Plan Name of Approver: Mary Ann Blair Date of Approval: 23-FEB-2014 Date of Review: 31-MAY-2016 Effective Date: 23-FEB-2014 Name of Reviewer: John Lerchey Table of Contents
More informationAccess Control Policy
Access Control Policy Version Control Version Date Draft 0.1 25/09/2017 1.0 01/11/2017 Related Polices Information Services Acceptable Use Policy Associate Accounts Policy IT Security for 3 rd Parties,
More informationCABINET PLANNING SYSTEM PROCUREMENT
Report No: 163/2017 PUBLIC REPORT CABINET 19 September 2017 PLANNING SYSTEM PROCUREMENT Report of the Director for Places (Development & Economy) Strategic Aim: Sustainable Growth Key Decision: Yes Exempt
More informationSecurity Director - VisionFund International
Security Director - VisionFund International Location: [Europe & the Middle East] [United Kingdom] Category: Security Job Type: Open-ended, Full-time *Preferred location: United Kingdom/Eastern Time Zone
More informationAppendix 3 Disaster Recovery Plan
Appendix 3 Disaster Recovery Plan DRAFT March 5, 2007 Revision XX Qwest Government Services, Inc. 4250 North Fairfax Drive Arlington, VA 22203 A3-i RFP: TQC-JTB-05-0002 March 5, 2007 REVISION HISTORY Revision
More informationInformation Security Incident Response Plan
Information Security Incident Response Plan Purpose It is the objective of the university to maintain secure systems and data. In order to comply with federal, state, and local law and contractual obligations,
More informationBUSINESS CONTINUITY MANAGEMENT PROGRAM OVERVIEW
BUSINESS CONTINUITY MANAGEMENT PROGRAM OVERVIEW EXECUTIVE SUMMARY CenturyLink is committed to ensuring business resiliency and survivability during an incident or business disruption. Our Corporate Business
More informationPublic Safety Canada. Audit of the Business Continuity Planning Program
Public Safety Canada Audit of the Business Continuity Planning Program October 2016 Her Majesty the Queen in Right of Canada, 2016 Cat: PS4-208/2016E-PDF ISBN: 978-0-660-06766-7 This material may be freely
More informationINFORMATION SECURITY AND RISK POLICY
INFORMATION SECURITY AND RISK POLICY 1 of 12 POLICY REFERENCE INFORMATION SHEET Document Title Document Reference Number Information Security and Risk Policy P/096/CO/03/11 Version Number V02.00 Status:
More informationVirtual Server Service
ITS Service Level Agreement February 2016 Virtual Server Service What is a Virtual Server? A virtual server (also known as a virtual machine ) is a server that runs on shared physical equipment. Usually,
More informationBCP At Bangkok Bank, Thailand
BCP At Bangkok Bank, Thailand Bhakorn Vanuptikul, BCCE Executive Vice President Bangkok Bank Public Company Limited 10 May 2012 1 Agenda Business Continuity Management at Bangkok Bank Success Factors in
More informationGuidelines. on the security measures for operational and security risks of payment services under Directive (EU) 2015/2366 (PSD2) EBA/GL/2017/17
GUIDELINES ON SECURITY MEASURES FOR OPERATIONAL AND SECURITY RISKS UNDER EBA/GL/2017/17 12/01/2018 Guidelines on the security measures for operational and security risks of payment services under Directive
More informationBusiness Continuity and Disaster Recovery
Business Continuity and Disaster Recovery Index Section Title 1. Executive Summary 2. Policy Statement 3. Strategy 4. Governance 5. Key Documentation 6. Testing 1 Executive Summary Business Continuity
More informationCRITICAL INCIDENT STRESS MANAGEMENT
The purpose of a Critical Incident Stress Management (CISM) is to provide support and professional intervention after emergency personnel have been subjected to a significant traumatic event. CISM is designed
More informationUse Of Mobile Communication Devices Within Healthcare Premises Policy
Use Of Mobile Communication Devices Within Healthcare Premises Policy Co-ordinator: Director of Facilities Reviewer: Working Group chaired by Director of Facilities Approver: GAPF Signature Signature Signature
More informationData Protection Policy
Data Protection Policy Data Protection Policy Version 3.00 May 2018 For more information, please contact: Technical Team T: 01903 228100 / 01903 550242 E: info@24x.com Page 1 The Data Protection Law...
More informationL18: Integrate Control Disciplines to Increase Control and Save Money
L18: Integrate Control Disciplines to Increase Control and Save Money Kathleen Lucey, FBCI Montague Risk kalucey@montaguetm.com tel: 1.516.676.9234 Connections Information Security (computer security,
More informationGlobal Statement of Business Continuity
Business Continuity Management Version 1.0-2017 Date January 25, 2017 Status Author Business Continuity Management (BCM) Table of Contents 1. Credit Suisse Business Continuity Statement 3 2. BCM Program
More informationSCHEME OF DELEGATION (Based on the model produced to the National Governors Association)
SCHEME OF DELEGATION (Based on the model produced to the National Association) THE PURPOSE OF A SCHEME OF DELEGATION: A scheme of delegation (SoD) is the key document defining which functions have been
More informationIntroduction. Overview. Every Crisis Management Team Needs a Critical Decision Checklist. Presented by Roseanne Rostron, CBCP President Raido Response
Every Crisis Management Team Needs a Critical Decision Checklist Presented by Roseanne Rostron, CBCP President Raido Response Tuesday, May 9, 2006 Introduction Roseanne Rostron, CBCP - President Raido
More informationCredit Card Data Compromise: Incident Response Plan
Credit Card Data Compromise: Incident Response Plan Purpose It is the objective of the university to maintain secure financial transactions. In order to comply with state law and contractual obligations,
More informationIntroduction to Business continuity Planning
Week - 06 Introduction to Business continuity Planning 1 Introduction The purpose of this lecture is to give an overview of what is Business Continuity Planning and provide some guidance and resources
More informationexaminations. 1. Policy Statement 2. Examination Arrangements 3. Examination Papers 4. Examination Venue Arrangements
Document Title/Reference Purpose Exam Administration: Policy & Procedures To outline the procedures for the production of exam papers; staging & conduct of exams; correction of scripts; and checking of
More informationUlster University Policy Cover Sheet
Ulster University Policy Cover Sheet Document Title DATA CENTRE ACCESS POLICY 3.2 Custodian Approving Committee Data Centre & Operations Manager ISD Committee Policy approved date 2017 09 08 Policy effective
More informationINFORMATION AND COMMUNICATIONS TECHNOLOGY (ICT) DISASTER RECOVERY POLICY AND PROCEDURES
INFORMATION AND COMMUNICATIONS TECHNOLOGY (ICT) DISASTER RECOVERY POLICY AND PROCEDURES Document Control Panel File Reference Number File Name Owner Approver ICT Disaster Recovery-PP-01 ICT Disaster Recovery
More informationInformation Security Controls Policy
Information Security Controls Policy Classification: Policy Version Number: 1-00 Status: Published Approved by (Board): University Leadership Team Approval Date: 30 January 2018 Effective from: 30 January
More informationSHELTERMANAGER LTD CUSTOMER DATA PROCESSING AGREEMENT
SHELTERMANAGER LTD CUSTOMER DATA PROCESSING AGREEMENT AGREEMENT DATED [ ] BETWEEN: (1) SHELTERMANAGER LTD and (2) [ ] ( The Customer ) BACKGROUND (A) (B) (C) This Agreement is to ensure there is in place
More informationational Lifeline Utilities Coordination
2 November 2016 ational Lifeline Utilities Coordination Paul Bagg Senior Emergency Management Advisor Content Lifeline Utilities Coordination National Sector Coordinating Entities Lifeline Utilities Perspective
More informationBUSINESS CONTINUITY. Topics covered in this checklist include: General Planning
BUSINESS CONTINUITY Natural and manmade disasters are happening with alarming regularity. If your organization doesn t have a great business continuity plan the repercussions will range from guaranteed
More informationSample Exam Privacy & Data Protection Foundation
Sample Exam Sample Exam Privacy & Data Protection Foundation SECO-Institute issues the official Business Continuity courseware to accredited training centres where students are trained by accredited instructors.
More informationDISASTER RECOVERY PRIMER
DISASTER RECOVERY PRIMER 1 Site Faliure Occurs Power Faliure / Virus Outbreak / ISP / Ransomware / Multiple Servers Sample Disaster Recovery Process Site Faliure Data Centre 1: Primary Data Centre Data
More informationLEADERSHIP GROUP LG (2017) Paper October 2017 RESILIENCE BOARD
RESILIENCE BOARD Executive summary 1. At its meeting on 27 September, Leadership Group (LG) considered a proposal to establish a Resilience Board to take strategic oversight of personnel, physical and
More informationData Processing Agreement
In accordance with the European Parliament- and Council s Directive (EU) 2016/679 of 27th April 2016 (hereinafter GDPR) on the protection of physical persons in connection with the processing of personal
More informationContingency Planning
Contingency Planning Introduction Planning for the unexpected event, when the use of technology is disrupted and business operations come close to a standstill Procedures are required that will permit
More informationINFORMATION TECHNOLOGY ( IT ) GOVERNANCE FRAMEWORK
INFORMATION TECHNOLOGY ( IT ) GOVERNANCE FRAMEWORK 1. INTRODUCTION The Board of Directors of the Bidvest Group Limited ( the Company ) acknowledges the need for an IT Governance Framework as recommended
More informationGDPR: Get Prepared! A Checklist for Implementing a Security and Event Management Tool. Contact. Ashley House, Ashley Road London N17 9LZ
GDPR: Get Prepared! A Checklist for Implementing a Security and Event Management Tool Contact Ashley House, Ashley Road London N17 9LZ 0333 234 4288 info@networkiq.co.uk The General Data Privacy Regulation
More informationCorporate Information Security Policy
Overview Sets out the high-level controls that the BBC will put in place to protect BBC staff, audiences and information. Audience Anyone who has access to BBC Information Systems however they are employed
More informationRules for LNE Certification of Management Systems
Rules for LNE Certification of Management Systems Application date: March 10 th, 2017 Rev. 040716 RULES FOR LNE CERTIFICATION OF MANAGEMENT SYSTEMS CONTENTS 1. PURPOSE... 3 2. SCOPE... 3 3. DEFINITION
More informationData Recovery Policy
Data Recovery Policy The Marketware, Inc. Contingency Plan establishes procedures to recover Marketware, Inc. following a disruption resulting from a disaster. This Disaster Recovery Policy is maintained
More informationNumber: USF System Emergency Management Responsible Office: Administrative Services
POLICY USF System USF USFSP USFSM Number: 6-010 Title: USF System Emergency Management Responsible Office: Administrative Services Date of Origin: 2-7-12 Date Last Amended: 8-24-16 (technical) Date Last
More informationL evoluzione della Business Continuity. Corrado Zana Genoa - November 23rd, 2016
L evoluzione della Business Continuity Corrado Zana Genoa - November 23rd, 2016 Business MRC Approach Disaster Recovery IT Business Continuity Plan Business Continuity Management System Business Operational
More informationInformation Security Policy
Information Security Policy Author: Responsible Lead Executive Director: Endorsing Body: Governance or Assurance Committee Alan Ashforth Colin Sloey Implementation Date: September 2010 Version Number:
More informationIT CONTINUITY, BACKUP AND RECOVERY POLICY
IT CONTINUITY, BACKUP AND RECOVERY POLICY IT CONTINUITY, BACKUP AND RECOVERY POLICY Effective Date May 20, 2016 Cross- Reference 1. Emergency Response and Policy Holder Director, Information Business Resumption
More informationMember of the County or municipal emergency management organization
EMERGENCY OPERATIONS PLAN SUUPPORT ANNEX B PRIVATE-SECTOR COORDINATION Coordinating Agency: Cooperating Agencies: Chatham Emergency Management Agency All Introduction Purpose This annex describes the policies,
More informationIntroduction to Business Continuity Management
Introduction to Business Continuity Management Audio Presented by ABD s Occupational Health and Safety Team Featuring The Cross Connection JULY 24, 2018 Speaker Panel ABD Insurance & Financial Services
More informationTHE CYBER SECURITY PLAYBOOKECTOR SHOULD KNOW BEFPRE, DURING & AFTER WHAT EVERY DIRECTOR SHOULD KNOW BEFORE, DURING AND AFTER AN ATTACK
THE CYBER SECURITY PLAYBOOKECTOR SHOULD KNOW BEFPRE, DURING & AFTER WHAT EVERY DIRECTOR SHOULD KNOW BEFORE, DURING AND AFTER AN ATTACK 03 Introduction 04 Step 1: Preparing for a breach CONTENTS 08 Step
More informationTARGET2-SECURITIES INFORMATION SECURITY REQUIREMENTS
Target2-Securities Project Team TARGET2-SECURITIES INFORMATION SECURITY REQUIREMENTS Reference: T2S-07-0270 Date: 09 October 2007 Version: 0.1 Status: Draft Target2-Securities - User s TABLE OF CONTENTS
More informationSAVANNAH LAKES VILLAGE PROPERTY OWNERS ASSOCIATION, INC. JOB DESCRIPTION
SAVANNAH LAKES VILLAGE PROPERTY OWNERS ASSOCIATION, INC. JOB DESCRIPTION POSITION: CHIEF OPERATING OFFICER FUNCTION: Responsible for all aspects of the SLV POA day-to-day operations. In this capacity,
More informationData Backup and Contingency Planning Procedure
HIPAA Security Procedure HIPAA made Easy Data Backup and Contingency Planning Procedure Please fill in date implemented and updates for your facility: Goal: This document will serve as our back-up storage
More informationPECB Change Log Form
GENERAL INFORMATION Owner / Department* Approver / Department * Training Development Department Quality Assurance Department Date of Approval* 2019-01-09 Course name: Language: New Version: Previous Version:
More informationVOCATIONAL QUALIFICATIONS ENTRY CODES 2017/18. ocr.org.uk
VOCATIONAL QUALIFICATIONS ENTRY CODES 2017/18 ocr.org.uk Contents Introduction 1 Key to forms of assessment 1 Version control 2 1 Skills for Business 3 1.1 Administration (Business Professional) 3 1.2
More informationCorporate Security & Emergency Management Summary of Submitted 2015 Budget From Rates
Corporate Security & Emergency Management Summary of Submitted 2015 From Rates Service Expense 2014 2015 Revised Non Tax Revenue Net Tax Supported Expense Draft Non Tax Revenue Net Tax Supported Increase
More informationGlobal Security Advisor
Global Security Advisor Location: [North America] [United States] Category: Security *Preferred location: USA. Other locations will be considered globally where WVI is registered to operate. PURPOSE OF
More informationWeb Hosting: Mason Home Page Server (Jiju) Service Level Agreement 2012
Web Hosting: Mason Home Page Server (Jiju) Service Level Agreement 2012 Table of Contents 1 General Overview... 2 2 Service Description... 2 2.1 Service Scope... 2 2.1.1 Eligibility Requirements... 2 2.1.2
More informationINFORMATION SECURITY-SECURITY INCIDENT RESPONSE
Information Technology Services Administrative Regulation ITS-AR-1506 INFORMATION SECURITY-SECURITY INCIDENT RESPONSE 1.0 Purpose and Scope The purpose of the Security Response Administrative Regulation
More informationAre Traditional Disaster Recovery Plans Still Relevant? Bobby Williams, MBCP, MBCI Director, IT Resiliency Planning Fidelity Investments
Are Traditional Disaster Recovery Plans Still Relevant? Bobby Williams, MBCP, MBCI Director, IT Resiliency Planning Fidelity Investments Who am I? Bobby Williams is the Director of IT Resiliency Planning
More informationImplementing a Global Business
GLOBAL OPERATIONS Implementing a Global Business Continuity Management Program Disaster Recovery Journal Spring World 2010 Conference Pfizer Inc. Managing Business Continuity on a Global Scale This presentation
More informationDATABASE ADMINISTRATOR
DATABASE ADMINISTRATOR Department FLSA Status Reports To Supervises Information Technology Exempt IT Director N/A DISTINGUISHING CHARACTERISTICS: The principal function of an employee in this class is
More informationTEL2813/IS2820 Security Management
TEL2813/IS2820 Security Management Contingency Planning Jan 22, 2008 Introduction Planning for the unexpected event, when the use of technology is disrupted and business operations come close to a standstill
More informationCCISO Blueprint v1. EC-Council
CCISO Blueprint v1 EC-Council Categories Topics Covered Weightage 1. Governance (Policy, Legal, & Compliance) & Risk Management 1.1 Define, implement, manage and maintain an information security governance
More informationINFORMATION SECURITY PRINCIPLES OF THE UNIVERSITY OF JYVÄSKYLÄ
INFORMATION SECURITY PRINCIPLES OF THE UNIVERSITY OF JYVÄSKYLÄ JYVÄSKYLÄN YLIOPISTO Introduction With the principles described in this document, the management of the University of Jyväskylä further specifies
More informationPosition Description IT Auditor
Position Title IT Auditor Position Number Portfolio Performance and IT Audit Location Victoria Supervisor s Title IT Audit Director Travel Required Yes FOR OAG HR USE ONLY: Approved Classification or Leadership
More informationPOSITION DESCRIPTION
Network Security Consultant POSITION DESCRIPTION Unit/Branch, Directorate: Location: Regulatory Unit Information Assurance and Cyber Security Directorate Auckland Salary range: I $90,366 - $135,548 Purpose
More informationUse of Mobile Devices on Voice and Data Networks Policy
World Agroforestry Centre Policy Series MG/C/4/2012 Use of Mobile Devices on Voice and Data Networks Policy One of the policies on information security and business continuity which will be audited by
More informationBusiness Continuity Management: How to get started. Presented by: Tony Drewitt, Managing Director IT Governance Ltd 19 April 2018
Business Continuity Management: How to get started Presented by: Tony Drewitt, Managing Director IT Governance Ltd 19 April 2018 Introduction Tony Drewitt - Managing Director: IT Governance UK and EU One
More informationCASE STUDY CHIEF INFORMATION OFFICER GROUP
CASE STUDY Project description The Chief Information Officer Group is responsible for ensuring that Defence has a dependable, secure and integrated ICT environment that supports Defence business and military
More informationBirmingham Community Healthcare NHS Foundation Trust. 2017/17 Data Security and Protection Requirements March 2018
1.0 Executive Summary Birmingham Community Healthcare NHS Foundation Trust 2017/17 Data Security and Protection Requirements March 2018 The Trust has received a request from NHS Improvement (NHSI) to self-assess
More informationPolicy Title; Business Continuity Management Policy. Date Published/Reviewed; February 2018
Policy Title; Business Continuity Management Policy Date Published/Reviewed; February 2018 Business Lead; Head of Strategic Governance CCMT sponsor; Deputy Chief Constable Thames Valley Police ensures
More informationCyber Security Program
Cyber Security Program Cyber Security Program Goals and Objectives Goals Provide comprehensive Security Education and Awareness to the University community Build trust with the University community by
More informationBusiness Continuity Management Framework. (Includes Emergency, Critical and Local Incident Management)
Business Continuity Management Framework (Includes Emergency, Critical and Local Incident Management) Version: 1.0 Created: Sept 2015 1 CONTENTS 1. INTRODUCTION... 4 1.1 Purpose of this Framework... 4
More informationNUIT Tech Talk. Emergency Preparedness. March 1, Sharlene Mielke. Jay Bagley. Disaster Recovery / Business Continuity Coordinator
NUIT Tech Talk Emergency Preparedness March 1, 2011 Sharlene Mielke Disaster Recovery / Business Continuity Coordinator Jay Bagley Distributed Support Specialist Information and Systems Security/Compliance
More informationTIPS FOR FORGING A BETTER WORKING RELATIONSHIP BETWEEN COUNSEL AND IT TO IMPROVE CYBER-RESPONSE
TIPS FOR FORGING A BETTER WORKING RELATIONSHIP BETWEEN COUNSEL AND IT TO IMPROVE CYBER-RESPONSE Association of Corporate Counsel NYC Chapter 11/1 NYC BDO USA, LLP, a Delaware limited liability partnership,
More informationPOSITION DESCRIPTION
POSITION DESCRIPTION Engagement Manager Unit/Branch, Directorate: Location: Outreach & Engagement, Information Assurance and Cyber Security Directorate Auckland Salary range: H $77,711 - $116,567 Purpose
More informationSeven Requirements for Successfully Implementing Information Security Policies and Standards
Seven Requirements for Successfully Implementing and Standards A guide for executives Stan Stahl, Ph.D., President, Citadel Information Group Kimberly A. Pease, CISSP, Vice President, Citadel Information
More informationPOSITION DESCRIPTION
UNCLASSIFIED IT Security Certification Assessor POSITION DESCRIPTION Unit, Directorate: Location: IT & Physical Security, Protective Security Wellington Salary range: H $77,711 - $116,567 Purpose of position:
More informationTemplate. IT Disaster Recovery Planning: A Template
Template IT Disaster Recovery Planning: A Template When disaster strikes, business suffers. A goal of business planning is to mitigate disruption of product and services delivery to the greatest degree
More informationStandard for Security of Information Technology Resources
MARSHALL UNIVERSITY INFORMATION TECHNOLOGY COUNCIL Standard ITP-44 Standard for Security of Information Technology Resources 1 General Information: Marshall University expects all individuals using information
More informationREVISION HISTORY DATE AMENDMENT DESCRIPTION OF AMENDMENT
REVISION HISTORY DATE AMENDMENT DESCRIPTION OF AMENDMENT IFC SERVICE DESCRIPTION 17 OCTOBER 2016 Page 1 of 9 SERVICE DESCRIPTION 2-14: INTERNATIONAL FALCON CONNECTION SERVICE (IFC Service) 1. THE SERVICE
More informationDated 3 rd of November 2017 MEMORANDUM OF UNDERSTANDING SIERRA LEONE NATIONAL ehealth COORDINATION HUB
Memorandum of Understanding for Joint Working by Ministry of Health and Sanitation, Ministry of Information and Communication on the Government of Sierra Leone ehealth Coordination Hub Dated 3 rd of November
More informationHIPAA Security and Privacy Policies & Procedures
Component of HIPAA Security Policy and Procedures Templates (Updated for HITECH) Total Cost: $495 Our HIPAA Security policy and procedures template suite have 71 policies and will save you at least 400
More informationInternet of Things Toolkit for Small and Medium Businesses
Your Guide #IoTatWork to IoT Security #IoTatWork Internet of Things Toolkit for Small and Medium Businesses Table of Contents Introduction 1 The Internet of Things (IoT) 2 Presence of IoT in Business Sectors
More informationInformation Security Strategy
Security Strategy Document Owner : Chief Officer Version : 1.1 Date : May 2011 We will on request produce this Strategy, or particular parts of it, in other languages and formats, in order that everyone
More informationPROCEDURE POLICY DEFINITIONS AD DATA GOVERNANCE PROCEDURE. Administration (AD) APPROVED: President and CEO
Section: Subject: Administration (AD) Data Governance AD.3.3.1 DATA GOVERNANCE PROCEDURE Legislation: Alberta Evidence Act (RSA 2000 ca-18); Copyright Act, R.S.C., 1985, c.c-42; Electronic Transactions
More informationEA-ISP Business Continuity Management and Planning Policy
Technology & Information Services EA-ISP-002 - Business Continuity Management and Planning Policy Owner: Adrian Hollister Author: Paul Ferrier Date: 06/03/2017 Document Security Level: PUBLIC Document
More informationAGENCY APPLICATION AND PARTICIPATION AGREEMENT MISSOURI POLICE CHIEFS CHARITABLE FOUNDATION CERTIFICATION PROGRAM
AGENCY APPLICATION AND PARTICIPATION AGREEMENT MISSOURI POLICE CHIEFS CHARITABLE FOUNDATION CERTIFICATION PROGRAM This Application and Participation Agreement (hereinafter the "Agreement") is entered into
More information2.4. Target Audience This document is intended to be read by technical staff involved in the procurement of externally hosted solutions for Diageo.
Diageo Third Party Hosting Standard 1. Purpose This document is for technical staff involved in the provision of externally hosted solutions for Diageo. This document defines the requirements that third
More informationRisk Management in Electronic Banking: Concepts and Best Practices
Risk Management in Electronic Banking: Concepts and Best Practices Jayaram Kondabagil BICENTENNIAL B1CBNTENNIAL John Wiley & Sons (Asia) Pte Ltd. Contents List of Figures xiii List of Tables xv Preface
More informationBME CLEARING s Business Continuity Policy
BME CLEARING s Business Continuity Policy Contents 1. Introduction 1 2. General goals of the Continuity Policy 1 3. Scope of BME CLEARING s Business Continuity Policy 1 4. Recovery strategies 2 5. Distribution
More informationPOWER AND WATER CORPORATION POLICY MANAGEMENT OF EXTERNAL SERVICE PROVIDERS
POWER AND WATER CORPORATION POLICY MANAGEMENT OF EXTERNAL SERVICE PROVIDERS Prepared by: Approved by: Chief Procurement Officer John Baskerville Chief Executive File number: D2015/65737 June 2015 MANAGEMENT
More informationNew Zealand Certificate in Contact Centres (Level 3)
New Zealand Certificate in Contact Centres (Level 3) This programme teaches learners the core skills needed to work effectively in a contact centre. They ll learn techniques for listening, customer focus,
More information