Business Continuity

Policy

1. The Company policy is to maintain the continuity of its activities, systems, facilities and processes and where these are disrupted by any event to enable it to return to ‘normal’ operations as soon as possible, taking fully into account the impact of any delay on Infuse Technology’s quality of service, reputation and finances.

2. This policy is intended to ensure:

The concept of Business Continuity and our policy and approach is understood by all stakeholders.

Internal and external dependencies on customers, suppliers, partners and resources implications are identified.

Management plans are developed to ensure recovery continuity is assured to an acceptable level in the event of an interruption to services.

Plans are systematically maintained and tested.

A programme of training and communication is put in place.

Objectives

3. The objectives of business continuity planning are to ensure that Infuse Technology and all its staff and associates:

Understands its critical activities and maintains the capability to resume operations within agreed time frames, following the deployment of a contingency planning response.
Increases resilience by protecting critical assets and data (electronic and otherwise) through a coordinated approach to management and recovery.
Minimises impacts using a focused, well managed response activity.

Scope

4. All Infuse Technology activities wherever conducted, must comply with the requirements of this Policy.

Requirements

5. Infuse Technology requires

A standing Major Incident Team is formed with the responsibility to recover Infuse Technology generic facilities, corporately managed systems and central data security and;
The maintenance of a Major Incident Plan to guide the team on the recovery from major incidents. This to include call out arrangements and operational requirements and the plan must be subject to testing at least bi-annually;

6. In compiling plans due consideration must be given to:

Taking all reasonable measures to prevent and avoid any disruption to normal operations.

Considering continuity planning and resilience implications in all process, project and system developments.

Making advance arrangements for the recovery of infrastructure components (e.g. accommodation, transport, telecommunications, equipment and supplies).
Making advance arrangements to re-locate or re-organise operations to allow critical processes to continue.

Providing resilience for information systems and data, or alternative ways of working in the event of their failure.

Protecting staff, and third party welfare during and following an incident.
Ensuring the effectiveness of Plans and recovery arrangements through robust and regular testing and training.

Updating plans following significant changes to contingency planning requirements. Such changes may occur as part of organisational change planning and management.

Approval and review

7. Original Business Continuity policy approved by the Directors in July 2016.

The policy must be reviewed and approved at least every two years.
Latest date for review and re-approval by the Directors June 2018

January 2017