Continuity management COPL

(modified)

Developing, implementing and testing a business continuity framework.

Guidance notes

(new)

Disruptions have a variety of causes, such as - but not limited to - cyber attacks, data breaches, organised crime, fires, floods, natural disasters, pandemics, health emergencies, supply chain failure.

Activities may include - but are not limited to...

  • identifying potential threats and their business impact
  • developing plans and procedures to respond to an incident
  • ensuring critical business functions can continue with a planned level of disruption
  • ensuring an acceptable level of service can be restored after a disruption
  • developing organisational resilience
  • assuring that continuity is being designed into systems, processes and ways of working
  • enabling continuous delivery, deployment and integration of applications and infrastructure without adverse impact or disruption to service

Continuity management: Level 6

(new)

Sets the strategy for continuity management across the organisation. Secures organisational commitment, funding and resources for continuity management. Leads continuity management exercises. Communicates the policy, governance, scope, and roles involved in continuity management. Has defined authority and accountability for the actions and decisions for continuity management

Continuity management: Level 5

(modified)

Manages the development, implementation and testing of continuity management plans. Manages the relationship with individual and teams who have authority for critical business processes and supporting systems. Evaluates the critical risks and identifies priority areas for improvement. Designs and implements a testing strategy to ensure that continuity plans and procedures address exposure to risk and that agreed levels of continuity can be maintained.

Continuity management: Level 4

(modified)

Contributes to the development of continuity management plans. Identifies information and communication systems that support the critical business processes. Coordinates the business impact analysis and the assessment of risks. Coordinates the planning, designing, and testing of contingency plans

Continuity management: Level 3

(new)

Applies structured approach to develop and document the detail for a continuity plan. Maintains documentation of business continuity and disaster recovery plans. Supports development of a test plan and implementation of continuity management exercises.

Continuity management: Level 2

(new)

Maintains records of all related testing and training and ensures the availability of all documentation. Records the actions taken and the consequences following an incident, for a lesson-learned report.