Business Continuity Policy

The Business Continuity Policy is designed to ensure the resilience and continuity of critical business functions and services during disruptive events, in alignment with ISO 27001 and the NIST Cybersecurity Framework (CSF). The policy outlines the principles, objectives, and key aspects of the Business Continuity program ensuring compliance with relevant standards and regulatory requirements.

Key Policy Aspects

• Compliance and Obligations: Ensure business continuity arrangements meet all statutory, regulatory, and contractual requirements.
• Continuous Development: Develop, implement, and continually improve business continuity strategies and plans.
• Risk Management: Utilize a risk-based approach to manage business continuity, reflecting the level of risk accepted by Top Management.
• Addressing Risks: Develop strategies and plans for newly identified risks and maintain arrangements for existing risks.
• Resource Allocation: Provide necessary resources, training, and competent staff to support the BCMS.
• Regular Testing and Review: Conduct regular tests and reviews of business continuity arrangements to ensure their effectiveness.
• Evaluation and Enhancement: Evaluate responses to disruptive events, identify areas for improvement, and adopt best practices.
• Supplier Collaboration: Engage with critical suppliers to ensure their awareness and contribution to the BCMS.