Policy
Business continuity policy
Updated on 11 December 2017
Business continuity is the capability of an organisation to continue delivery of services at acceptable predefined levels following a disruptive incident
Business continuity is the capability of an organisation to continue delivery of services at acceptable predefined levels following a disruptive incident.
Business Continuity Planning allows an organisation to proactively mitigate the operational risks arising from an incident that may have a negative impact on business as usual. This increases the likelihood of the organisation being able to continue its critical activities following a major disruption.
The purpose of this policy is to support the University in identifying clearly its critical activities and capability to resume business as usual within agreed timeframes following the deployment of an emergency response.
Effective business continuity planning will increase resilience and minimise disruption. This provides the University with the capability to ensure continuity of teaching and research and to supports its staff and students following any major incident.
Who this policy applies to
This Policy extends to all of the University’s activities and operations.
Policy statement
The University of Dundee is committed to implementing best practice in business continuity planning throughout the institution to minimise the effect of disruptions on our staff, our students, our key stakeholders and the general public, and to maintain the reputation of the University.
The University of Dundee will take all reasonable steps to ensure that in the event of a major incident, critical activities will be maintained and normal services resumed as soon as possible.
The University of Dundee’s top priority is to ensure the safety of its people and the security of its work environment.
The University of Dundee aims to:
- identify time critical activities across the institution and ensure that appropriate business continuity arrangements are in place for these
- establish a clear and comprehensive plan in order to respond to incidents
- develop and review the plan in accordance with the University’s strategic aims and best practice across the sector
- embed business continuity into the culture of the University so that this, alongside risk management, becomes an integral part of decision making
Business Continuity planning processes will be delivered in conjunction with the risk management framework. Risk management aims to identify and manage risks; business continuity planning then handles the risk if it materialises.
Business Continuity Plans and Business Impact Analyses should be reviewed on an annual basis.
Responsibilities
The University is responsible for issuing relevant procedures and guidance for the development of effective business continuity plans.
The University will engender and sustain a culture of business continuity planning throughout the University.
University management has prime responsibility for establishing a robust business continuity plan and accompanying procedures, and the Court has overall responsibility for overseeing it. In accordance with accepted best practice, the Court has delegated responsibility for the oversight of business continuity planning to the Audit Committee.
Employees of the University must be aware of the University’s business continuity processes and their own specific responsibilities.
Risk Management Oversight Group
The Risk Management Oversight Group will oversee the development and review of the University’s business continuity plan.
The Risk Management Oversight Group will oversee business continuity planning at a Directorate/School level.
Academic and Corporate Governance
The Directorate of Academic and Corporate Governance will coordinate business continuity planning, and specifically will:
- champion the aims of the Business Continuity Policy
- develop standardised procedures for carrying out Business Impact Analyses, developing business continuity plans and exercising these plans
- maintain and update an institutional business continuity plan
Deans, School Managers and Directors
The University’s Schools and Directorates must have business continuity plans in place and these must be reviewed regularly. Deans, School Managers and Directors of Professional Services will take devolved responsibility for:
- carrying out BIAs
- reviewing and updating their Business Continuity plans
- reporting on the above
Further information
| Document name | Business Continuity Policy |
|---|---|
| Status | Approved |
| Responsible officer/department/school | ACG |
| Policy owner | Audit Committee |
| Date last approved | 11/12/2017 |
| Due for renewal | 2019 |
| Information classification: public/internal | Public |
| Location in repository | Court |
| Approval route and history | Court 11/12/2017 Risk Management Oversight Group 13/09/2017 |
| Code | CRT171211_BC_Policy |