Business Continuity Policy

Updated on 11 December 2017

Business Continuity is the capability of an organisation to continue delivery of services at acceptable predefined levels following a disruptive incident

On this page


Business Continuity is the capability of an organisation to continue delivery of services at acceptable predefined levels following a disruptive incident.

Business Continuity Planning allows an organisation to proactively mitigate the operational risks arising from an incident that may have a negative impact on business as usual. This increases the likelihood of the organisation being able to continue its critical activities following a major disruption.

The purpose of this policy is to support the University in identifying clearly its critical activities and capability to resume business as usual within agreed timeframes following the deployment of an emergency response.

Effective business continuity planning will increase resilience and minimise disruption. This provides the University with the capability to ensure continuity of teaching and research and to supports its staff and students following any major incident.

Who this policy applies to

This Policy extends to all of the University’s activities and operations.

Policy Statement

The University of Dundee is committed to implementing best practice in business continuity planning throughout the institution to minimise the effect of disruptions on our staff, our students, our key stakeholders and the general public, and to maintain the reputation of the University.

The University of Dundee will take all reasonable steps to ensure that in the event of a major incident, critical activities will be maintained and normal services resumed as soon as possible.

The University of Dundee’s top priority is to ensure the safety of its people and the security of its work environment.

The University of Dundee aims to:

  • identify time critical activities across the institution and ensure that appropriate business continuity arrangements are in place for these
  • establish a clear and comprehensive plan in order to respond to incidents
  • develop and review the plan in accordance with the University’s strategic aims and best practice across the sector
  • embed business continuity into the culture of the University so that this, alongside risk management, becomes an integral part of decision making

Business Continuity planning processes will be delivered in conjunction with the risk management framework. Risk management aims to identify and manage risks; business continuity planning then handles the risk if it materialises.

Business Continuity Plans and Business Impact Analyses should be reviewed on an annual basis.


The University is responsible for issuing relevant procedures and guidance for the development of effective business continuity plans.

The University will engender and sustain a culture of business continuity planning throughout the University.

University management has prime responsibility for establishing a robust business continuity plan and accompanying procedures, and the Court has overall responsibility for overseeing it. In accordance with accepted best practice, the Court has delegated responsibility for the oversight of business continuity planning to the Audit Committee.

Employees of the University must be aware of the University’s business continuity processes and their own specific responsibilities.

Risk Management Oversight Group

The Risk Management Oversight Group will oversee the development and review of the University’s business continuity plan.

The Risk Management Oversight Group will oversee business continuity planning at a Directorate/School level.

Academic and Corporate Governance

The Directorate of Academic and Corporate Governance will coordinate business continuity planning, and specifically will:

  • champion the aims of the Business Continuity Policy
  • develop standardised procedures for carrying out Business Impact Analyses, developing business continuity plans and exercising these plans
  • maintain and update an institutional business continuity plan

Deans, School Managers and Directors

The University’s Schools and Directorates must have business continuity plans in place and these must be reviewed regularly. Deans, School Managers and Directors of Professional Services will take devolved responsibility for:

  • carrying out BIAs
  • reviewing and updating their Business Continuity plans
  • reporting on the above

Further information

Document information
Document name Business Continuity Policy
Status Approved
Responsible officer/department/school ACG
Policy owner Audit Committee
Date last approved 11/12/2017
Due for renewal 2019
Information classification: public/internal  Public
Location in repository Court
Approval route and history Court 11/12/2017
Risk Management Oversight Group 13/09/2017
Code CRT171211_BC_Policy
Corporate information category Academic governance