Plan and prepare your Data Backup and Disaster Recovery policy with our policy template. The BCP must be periodically tested and the results should be shared with executive management. The purpose of the (Company) Continuity and Recovery Policy is to provide direction and general rules for the creation, implementation, and management of the (Company) Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP). The BCP must be communicated and distributed to all relevant internal personnel and executive management. Having staff who understands what to do in these moments is critical and this policy will guide what goes into those decisions.
The (Company) DRP must include at a minimum: Roles and responsibilities for implementing the disaster recovery plan; List of potential risks to critical systems and sensitive information; Procedures for reporting disaster events, event escalation, recovery of critical operations, and resumption of normal operations; An inventory of backups and offsite storage locations; NIST CSF: ID.BE, PR.IP, RS.RP, RS.CO, RS.IM, RS.RP, RC.IM, RC.CO, Information Classification and Management Policy. Define acceptable hardware, software and infrastructural standards, Establish user responsibilities in the event of an incident, Establish the scope and setup of your Cloud backup environments, Outline backup retention periods and disposal procedures. Business Continuity focuses on sustaining the organizations critical business processes during and after a disruption. We are a leader in IT Infrastructure Planning, Implementation & Support throughout the UK and Ireland. The (Company) Continuity and Recovery Policy applies to individuals accountable for ensuring business continuity and disaster recovery processes are developed, supported, tested, and maintained. Any vendor, consultant, or contractor found to have violated this policy may be subject to sanctions up to and including removal of access rights, termination of contract(s), and related civil or criminal penalties. Covering your internal hardware resource, processes and responsibilities, it sets out your policies into a single, concise document. Company Reg No NI038347. Business continuity planning should ensure that: the safety and security of personnel is the first priority; an adequate management structure is in place to prepare for, mitigate and respond to a disruptive event using personnel with the necessary authority, experience, and competence; documented plans, response and recovery procedures are developed and approved, detailing how the organization will manage a disruptive event. You manage vast quantities of data daily; data that manages your people, processes and customer services. Personnel found to have violated this policy may be subject to disciplinary action, up to and including termination of employment, and related civil or criminal penalties. The DRP must be communicated and distributed to all relevant internal personnel and executive management. Download our free Data Backup and Disaster Recovery Policy Template today and make planning your policy and protecting your data simple. Waivers from certain policy provisions may be sought following the (Company) Waiver Process. VAT Number GB769113710. The DRP must be reviewed and updated upon any relevant change to IT Infrastructure, at the conclusion of plan testing, or least annually. The DRP must be tested annually, at a minimum.
Please use these policy templates as a way to get your organization on the right track when it comes to full policy creation and adoption. A risk assessment for critical business processes and operations (Business Impact Analysis); An inventory of critical systems and records, and their dependencies; Requirements for ensuring information security throughout the process; Identification of supply chain relationships and the organizations role to support critical infrastructure; Processes to ensure the safety of personnel; Communication strategies for communications both inside and outside the organization; Mitigation strategies and safeguards to reduce impact; Strategies to address and limit the reputational impact from an event; Contingency plans for different types of disruption events; Protection and availability of plan documentation; Procedures for plan tests, review, and updates. Business continuity and disaster recovery allow our organizations to continue operating during or recover from unforeseen circumstances that may otherwise stall business or security operations. CMI Ranked Among Worlds Most Elite 501 Managed Service Providers, Belfast / London / Thames Valley0800 023 2696hellocmi@newcmi.comSpeak to us. Download our free Business Continuity and Disaster Recovery Policy Template now. The BCP must be reviewed and updated upon any relevant change to the organization, at the conclusion of plan testing, or least annually. Copyright 2020 New CMI Ltd. All Rights Reserved. If that data were to be compromised - and your systems alongside it - how prepared would your business be to recover and resolve? Adopting a full set of information security policies is a critical step in ensuring that every department and employee understands their role in helping protect company, customer, and employee data. Disaster Recovery focuses on restoring the technology systems that support both critical and day-to-day business operations.