The company has evaluated a variety of disasters that could face the country or industry. This section will demonstrate your readiness to ensure that the threat of disruption has been curbed and the impact on your clients are limited.
Today, companies must have robust operational and system business continuity plans to deal with significant local and national events and disruptions, now including global events like the COVID-19 crisis. Many regulatory bodies review company’s operational resilience and expect these companies to take reasonable steps to ensure they continue to comply with their regulatory obligations, notwithstanding any adjustments made to their usual practices in the context of extraordinary circumstances.
Resilience strategy should prevent, adapt to, respond to, recover from, and learn from operational disruptions. Whilst operational risk is centred around risk management, operational resilience is an outcome which should be looked on as a forward-looking approach where decisions are made today to prevent detriment in the future.
The Purpose of this Standard
In a period where company’s operational resilience is even more challenging, as key members of staff are working remotely, the need for building resilience against any business disruption is more important than ever. Therefore, the purpose of this standard is to give companies the ability to demonstrate their own resilience as an assurance to internal and external stakeholders and customers.
This standard is accountable to all the key pillars of any company – People, customers, shareholders, partners & clients:
- People – Employment continuity, systems & collaboration tools for remote working and work-life balance in a safe environment. Maintain culture and HR practices to maintain and build loyalty
- Clients – Data security, business continuity, end customer experience, seamless functioning through cloud-based systems
- Shareholders – Business continuity, financial adherence, reputation management & business growth
- Partners/Vendors – Seamless functioning, payments, exchange of services and relationship management
- End Customers – Brand representation, experience, resolution, empathy & connect
The Criteria of this Standard
Criteria for this will include the ability of the company to demonstrate their planning for the unforeseen, test those plans and deploy those plans quickly and effectively. Business Continuity Planning should be thorough, address all parts of the company, including, for example, the need to access data in real-time, support regulatory and compliance requirements and be thoroughly understood by all members of staff.
These plans should be tested, and measurements and feedback from these tests be incorporated into required improvements to the plans.
The assessment process for uploading information and documentation for review:
- In your company what would you classify as future disasters that could face the country or the industry
- Please upload your Disaster Recovery Policy
- Please upload your Work from Home Policy
- Please upload and additional Policies that will govern the smooth running of your company in case of any disasters
- Briefly describe your use of technology to assist your company with any future disasters