Classification: PUBLIC
© Quadient
Business Continuity Plan
Author: Allan Morrison
Valid from: 17-03-2020
Version No.: V2.0
Approved by: Warren Tait
Distribution List
Distribution Type: Public – for distribution as required
To: (must know)
CC: (for information)
Change Control
Modification Notice | Author | Date | Version | Changes Highlight
Issue 1.0 | Allan Morrison | 12/03/20 | V1.0 | Approved for issue W Tait
Issue 2.0 | Allan Morrison | 17/03/20 | V2.0 | Minor Text changes
Table of contents
1 Activate the Plan
1.1 Authority to Activate this Plan
1.2 The Media
1.3 Document References
2 Overview
2.1 Scope
2.2 Approach
2.3 Objectives
2.4 Recovery Time Requirements
3 Organisation
3.1 Recovery Teams – Head Office and Regional Offices
3.2 Recovery Teams – DCS, Slough
4 Roles and Responsibilities
4.1 Management Team
4.2 First Responder Team
4.3 IT Team
4.4 Facilities Team
4.5 Managed Services Team – DCS
5 Processes
5.1 Activation
5.2 Developing Situations
5.3 Business Resumption
6 Procedures
6.1 Management Team
6.2 First Responder Team
6.3 IT Team
6.4 Facilities Teams
6.5 Managed Services Team - DCS
6.6 Other (Agile) Employees
7 Maintenance and Testing
7.1 Maintenance of BCP Documentation
7.2 DCS Managed Services Disaster Recovery Testing
7.3 BCP Testing
APPENDIX D – Media Management
Procedures for Dealing with the Media
APPENDIX E – Event Log
Glossary
List of Figures
Figure 1: Outage and Recovery Times
Figure 2: Quadient UK Ltd Recovery Team Structure
Figure 3: Management Team
Figure 4: First Responder Team
Figure 5: IT Team
Figure 6: Facilities Team
Figure 7: DCS Recovery Team Structure
Figure 8: Management Team - DCS
Figure 9: Managed Services Team – DCS
Figure 10: Facility Team - DCS
Figure 11: BCP Activation Stages
Figure 12: Business Resumption Process
1 Activate the Plan
To activate this plan in the event of a serious disruptive incident, refer to Section 6, Procedures.
1.1 Authority to Activate this Plan
The Chief Operating Officer (COO) has the authority to activate actions within this plan. If he is unavailable, another Executive Director or the Director QMS and Transformation may also activate the plan.
The COO will assume the role, and the associated responsibilities, of Management Team Leader. The COO may delegate the Management Team Leader role, or if he is unavailable, another Executive Director may assume the Management Team Leader role. This will normally revert to the VP/Director of Operations. See section 3, Organisation.
1.2 The Media
Members of staff must follow the Media Management Procedure for Dealing with the Media. See Appendix D.
1.3 Document References
Relevant documents which may need to be referred to when the plan is activated include:
Description | Location
Recovery Team Call Trees | Microsoft Teams – Project Picard
IT Risk Assessment | Microsoft Teams – Project Picard
BCP Risk Assessment | Microsoft Teams – Project Picard
Acceptable Use Policy | Quadient Sharepoint – Form Farm: http://sharepoint.ad.neopost.com/departments/Pages/FormsAndPolicies.aspx
Homeworking Policy | Quadient Sharepoint – Form Farm: http://sharepoint.ad.neopost.com/departments/Pages/FormsAndPolicies.aspx
Emergency Evacuation Process | Sharepoint - QHSE: http://sharepoint.ad.neopost.com/departments/qhse/Shared Documents/HS06-Fire Emergency Evacuation.docx
2 Overview
2.1 Scope
This Business Continuity Plan (BCP) is applicable to the business functions, employees, premises and assets of the Quadient UK Ltd organisation, including Data Capture Solutions (DCS), a Quadient company. This group comprises the businesses previously known as Neopost Ltd, Quadient UK and Data Capture Solutions (DCS).
These business units operate from various premises within the United Kingdom, with offices and production units located in London, Slough, Bristol, Birmingham, Wakefield and Livingston.
2.1.1 Exclusions
• This BCP does not address the recovery of any of Quadient UK Ltd’s business operations or processes not identified as critical.
• A disruptive incident of such a magnitude that there are insufficient personnel to resource the recovery in order to meet Quadient UK Ltd’s objectives is also excluded.
2.2 Approach
This document may be released to selected customers and other interested parties as required. It has been copied from the internal BCP document, but any confidential information has been redacted to allow distribution to a wider audience.
For each of the above business units a Business Impact Analysis (BIA) was conducted which identified those processes regarded as critical, together with the physical and virtual resources required to support them.
The BIA determines the maximum time for which each critical process, its resources and infrastructure could be disrupted without causing unacceptable damage to the business or its customers. The likelihood and severity of each potential disruption are then analysed using a risk assessment process.
A disruptive incident is defined as an event that interrupts a critical business process hence reducing Quadient UK Ltd’s ability to provide normal service to its customers. The Maximum Allowable Outage (MAO) for the businesses as a whole has been defined as 3 working days. A disruptive incident causing an outage exceeding, or likely to exceed, this period is defined as significant. A declaration that such an incident has occurred, and that the BCP has been activated, begins the recovery process described in this document.
The BCP details the communications structure, roles and responsibilities of the Recovery Teams, and other personnel, who are responsible for managing the rapid and orderly resumption of critical processes.
The BCP may be activated where a significant disruptive incident affects one of the following areas:
• Premises: An unplanned event that causes any site to be inaccessible, or unusable for a period exceeding, or likely to exceed, the MAO
• People: An incident that prevents employees from carrying out their normal activities, for example pandemic illness or major travel breakdown
• IT: A major breakdown or loss of IT infrastructure, hardware or application which cannot be recovered within the MAO
Depending on the nature and severity of the incident, the activation of the BCP can be modified so that, for example, specific groups of staff may work remotely, or changes can be made to working time or location for staff who will work in one of the offices or other locations.
At every stage of activation of this plan, from initial reporting of a disruptive incident, through to return to business as usual, preserving the security of Quadient UK Ltd information and assets will be given appropriate consideration. The level of security afforded during the activation shall be at least as high as that in place prior to the incident occurring.
2.3 Objectives
The objectives of the BCP are to continue to serve customers; minimize financial loss to the organisation; and mitigate the negative effects disruptions can have on strategic plans, reputation, operations, credit quality, market position, and compliance with contractual obligations, applicable laws and regulations.
The primary objective is to provide for restoration and continuation of those processes the organisation has defined as critical through Business Impact Analysis. This is accomplished by developing and maintaining a detailed plan that will organise and govern recovery operations following a significant disruptive event. The BCP must:
• provide the information and procedures necessary to respond to an incident, notify personnel and recovery teams, recover data and resume processing as soon as possible after a disruptive incident.
• create a recovery structure strong enough to provide guidance to all interrelated groups, yet flexible enough to allow Quadient UK Ltd personnel to respond to whatever type of disruptive incident may occur.
• provide specific action plans for each relevant functional area.
• identify those activities necessary to resume full services.
• establish a return to business as usual (BAU).
2.4 Recovery Time Requirements
The following requirements are a result of the Business Impact Analysis process, which forms part of the Quadient UK Ltd BCP:
• Maximum Acceptable Outage (MAO). The maximum allowable outage is the amount of time Quadient UK Ltd’s critical processes may be unavailable before business operations are severely impacted. The MAO encompasses all activities from point of impact to point of resumption of critical processes as described in Section 5.1, Activation. The overall MAO for Quadient UK Ltd is 3 working days.
• Recovery Time Objective (RTO). The Recovery Time Objective is the time taken to recover the in-scope services from BCP activation to the point where the Recovery Teams are able to provide the critical business processes. The overall RTO for Quadient UK Ltd is 2 working days. However, where a customer has specifically requested a shorter period we shall endeavour to comply and keep the customer informed.
• Recovery Point Objective (RPO). The recovery point objective is the worst data loss that Quadient UK Ltd is willing to accept. This is the point from which recovery of lost data must take place if applicable. The RPO is defined as 1 working day.
[Figure 1: Outage and Recovery Times. Timeline diagram (axis: Time) with the labels Service Interruption, RPO, BCP Activation, RTO, MAO and Resumption of Critical Processes.]
3 Organisation
3.1 Recovery Teams – Head Office and Regional Offices
A Recovery Team strategy has been employed for the BCP. For the Head Office and UK Regional Offices, the Recovery Team, figure 2, comprises a management team made up of senior management staff and three sub-teams responsible for the successful execution of the BCP. The team titles are given below:
• The Management Team (MT)
• The First Responder Team (FRT)
• The IT Team (ITT)
• The Facilities Team (FT)
Figure 2: Quadient UK Ltd Recovery Team Structure
3.1.1 Management Team
The Management Team, figure 3, comprises the Executive Directors and is led by the COO. It is responsible for deciding on the correct action to take following a disruptive incident and coordinating and directing all activities during the recovery period. The team will decide if the incident is significant and damaging enough to activate the BCP.
Following BCP activation, this team begins the communication process, with the other recovery teams providing sufficient information to allow them to take the necessary action.
The team is also responsible for communications with the media, key vendors, key clients, stakeholders and other Quadient entities as necessary. This team is responsible for the on-going recovery program and for keeping this plan current during its activation.
Figure 3: Management Team
3.1.2 First Responder Team
The First Responder Team, figure 4, comprises staff from the Cashiers, Customer Experience (CX), Installation and Onboarding departments.
The purpose of the First Responder Team is to operate the established BCP processes and procedures in line with their training and this plan. Their aim is to continue to provide critical business processes to the minimum acceptable level, until a return to business as usual.
Figure 4: First Responder Team
3.1.3 IT Team
The IT Team, figure 5, comprises staff from Group IT Infrastructure, Applications and Desktop Support.
The purpose of the IT Team is to provide IT support to any business unit before, during, and after, a BCP activation. Its primary responsibility is to ensure that the First Responder Team, and other staff involved in maintaining critical business processes, have the necessary hardware, IT infrastructure and access to software applications to be able to operate effectively. This team is also responsible for restoring computing services at the existing or alternative facilities as appropriate.
Figure 5: IT Team
3.1.4 Facilities Team
The Facilities Team, figure 6, comprises senior management and other facilities staff. However, a small team also exists at the DCS site in Slough, Berkshire; see section 3.2.3.
The primary purpose of this team, following a disruptive incident, is to take all necessary actions to provide for the safety of staff or other persons affected by the incident.
Subsequently, the team is responsible for securing the site against unauthorised access and then conducting an in-depth damage assessment with recommendations to management for the required repair or restoration activities.
When the recovery plan is provided by the Management Team, the Facilities Team takes responsibility for salvage and restoration of the primary site to operational status as quickly as possible. In extreme circumstances, the team may be needed to prepare an alternative facility for occupation.
Figure 6: Facilities Team
3.2 Recovery Teams – DCS, Slough
The DCS business unit, in Slough, Berkshire, operates in a more autonomous manner and therefore employs its own Recovery Team, figure 7, which works closely with the head office team and includes the IT Team (see section 3.1.3 above) as necessary. The DCS Recovery Team comprises a management team made up of senior management staff and two sub-teams, plus the IT Team. The team titles are given below:
• The Management Team (MT)
• The Managed Services Team (MST)
• The Facility Team (FT)
• The IT Team (ITT) – as required
In the event of a significant disruptive incident, it is fundamentally important that all Recovery Teams liaise at the earliest possible point and, subsequently, throughout the activation of the BCP.
Figure 7: DCS Recovery Team Structure
3.2.1 Management Team - DCS
The DCS Management Team, figure 8, is led by the COO, and comprises the senior management responsible for the DCS business unit.
Following BCP activation, this team begins the communication process. Other recovery teams will provide sufficient information to allow them to take the necessary action.
The team is also responsible for communications with the media, key vendors, key clients, stakeholders and other Quadient entities as necessary. This team is responsible for the on-going recovery program and for keeping this plan current during its activation.
Figure 8: Management Team - DCS
3.2.2 Managed Services Team – DCS
The DCS Managed Services Team, figure 9, comprises the management and key staff of the operational functions of the unit.
Following BCP activation, this team will ensure that customer scanning and workflow services are maintained in accordance with specific sales contracts.
If the primary site in Slough, Berkshire, is unavailable, the MST will work with local and Head Office functions to set up operations at an alternative facility, the Disaster Recovery (DR) Site.
Figure 9: Managed Services Team – DCS
3.2.3 Facility Team - DCS
The DCS Facility Team, figure 10, will work closely with the Quadient UK Ltd IT Facilities Team during a BCP activation to assess and report any damage, and to handle damage mitigation, salvage and physical restoration of the office environment.
The primary purpose of this team, following a disruptive incident, is to take all necessary actions to provide for the safety of staff or other persons affected by the incident. Subsequently, the team is responsible for securing the site against unauthorised access.
When the recovery plan is provided by the Management Team, both Facilities Teams will take responsibility for salvage and restoration of the primary site to operational status as quickly as possible. In extreme circumstances, the team may be needed to assist with the preparation of the DR Site for occupation.
Figure 10: Facility Team - DCS
4 Roles and Responsibilities
4.1 Management Team
Management Team roles and responsibilities, for all Quadient UK Ltd business units, are summarised in Table 1.
Team Role | Owner | Responsibility
Management Team Leader | Chief Operating Officer | Activate the BCP. Senior manager to oversee recovery.
Alternative Mgmt. Team Leader | Nominated member of the Exec or senior Management | Full authority to act if Team Leader is not available.
Recovery operations | VP Director of Operations | Communications with Facilities and IT teams. Oversight of recovery activities.
Finance Management | Finance Director UK & Ireland; VP Director of Operations | Communications with First Responder team. Authority to purchase goods and services, and to release funds required to achieve recovery.
Legal and Corporate | COO; VP Director of Operations | Legal and contractual decisions and actions.
Human Resources Management | HR Director | All Human Resources decisions and actions.
Communications Management | HR Director; Office Manager - DCS | Authority to speak for the organisation. Provides written text to IT and Communications Manager for onward communication to employees and others.
Customer Communications | VP & MD Mail Related Solutions | Ensures key customers are contacted and informed of the situation on a regular basis
Customer Communications | VP & Marketing Director UK & Ireland | Ensures that appropriate information is delivered to customers through all available marketing channels
Table 1: Management Team Roles and Responsibilities
4.2 First Responder Team
First Responder Team roles and responsibilities are summarised in Table 2.
Team Role | Owner | Responsibility
FRT Team Leader | Cashiers Manager | Communications with team members through functional team leaders. Coordinating the team’s activities to ensure all in-scope processes are managed effectively.
Alternative FRT Team Leader | Nominated team member | Full authority to act if Team Leader is not available.
Recrediting processes | Team members | Ensure all key recrediting processes, identified during BIA, are carried out effectively
Customer Contact Management | CX Team Leader; Installation & Onboarding Team Leader | Receiving contacts from customers and ensuring that the correct action is taken to resolve any reported issues.
Team communication | Communications Representative | Nominated team member to hold contact details, devise team communication plan and ensure that the team and key stakeholders have an effective method of communicating.
Table 2: First Responder Team Roles and Responsibilities
4.3 IT Team
The IT Team roles and responsibilities, for all Quadient UK Ltd business units, are summarised in Table 3.
Team Role | Owner | Responsibility
IT Team Leader | IT Service Manager; Head of Global Infrastructure; Technical Director - DCS | Communication with team members. Coordinating the team’s activities to ensure all in-scope processes are effectively supported. Liaison with Facilities and Management teams to help understand the nature and extent of a disruptive incident. Advise if the IT systems can be recovered and provide expected timescale and cost. If the primary site cannot be recovered, work with Facilities and Management teams to locate and equip an alternative site.
Alternative Team Leader | Nominated team member | Full authority to act if team leader is not available.
Network Services Recovery | Team members | Recovery of data network infrastructure. Includes recovery of hardware equipment, connectivity, applications and data.
Server Recovery | Team members | Recovery of critical servers.
Support to Credifon FRT | Team members | Ensure that recrediting, and other in-scope Credifon processes, are effectively supported with IT applications and systems.
Support to Managed Services - DCS | Team members | Ensure all IT applications and systems are available to Managed Services, DCS, so that they can deliver contractual requirements.
Process support | Team members | Ensure that all critical, in-scope processes, are effectively supported with IT hardware, applications and systems.
Team communication | Communications Representative | Nominated team member to hold contact details, devise team communication plan and ensure that the team and key stakeholders have an effective method of communicating.
Table 3: IT Team Roles and Responsibilities
4.4 Facilities Team
Facilities Team roles and responsibilities, for all Quadient UK Ltd business units, are summarised in Table 4.
Team Role | Owner | Responsibility
Facility Team Leader | Director of QMS & Transformation | Communications with team members. Oversee facilities functions, safety and security. Carry out and manage: damage assessment, damage mitigation, salvage, reconstruction and alternative site setup as required. Liaison with Management, IT and Managed Services teams to help understand the nature and extent of a disruptive incident. Advise if the primary site building and infrastructure can be recovered, together with expected timescale and cost.
Alternative Team Leader | Nominated team member | Full authority to act if team leader is not available.
Security | Team members | Ensure security of the primary site during and following a disruptive incident. Liaise with site agents, security and management to ensure that the best available methods are employed.
Source alternative premises | Nominated team member | If the primary site cannot be recovered, work with all Recovery teams to locate and equip an alternative site.
Building and Utilities | Nominated team member | Plan, arrange and manage recovery of primary site and utilities as required.
Building and Utilities - DCS | Office Manager - DCS |
Supplies and services | Nominated team member | Manage the logistics of pausing and restarting the supply of materials and services to the primary or alternative site.
Supplies and services - DCS | Office Manager - DCS |
Incoming post | Nominated team member | Arrange collection of incoming post from a local sorting office. Manage the sorting and delivery of mail, especially: to ensure that cheques and other Credifon documents are passed to Cashiers; secure delivery of incoming customer documents, via a courier to the DR site if applicable.
Table 4: Facilities Team Roles and Responsibilities
4.5 Managed Services Team – DCS
Managed Services Team roles and responsibilities, for the DCS business unit, are summarised in Table 5.
Team Role | Owner | Responsibility
Team Leader | Managed Services Director | Communications with team members. Oversee effective resumption of Managed Services processes. Manage relocation to DR site if required.
Alternative Team Leader | Nominated team member | Full authority to act if team leader is not available.
Transfer to DR site | Team members | Liaise with Facilities teams at Slough and Stratford to prepare the Birmingham DR site. Organise team attendance rotas, including travel and accommodation if necessary.
Incoming post and customers’ documents | Team members | Arrange collection of mail from local sorting office. Arrange collection of customers’ hardcopy documents and delivery, by courier, to DR site.
Team communication | Communications Representative | Nominated team member to hold contact details, devise team communication plan and ensure that the team and key stakeholders have an effective method of communicating.
Table 5: Managed Services Team - DCS Roles and Responsibilities
5 Processes
This section describes, at a high-level, the processes that will be followed after a significant disruptive incident has occurred. For further information on the actions that will be taken, refer to Section 6, Procedures.
5.1 Activation
Following the occurrence of a disruptive incident, there are three processes that will take place prior to the activation of the BCP:
• Incident Alert – from notification of an incident, the Recovery Team members are contacted and apprised of the situation.
• Investigation and Report – to ascertain whether a disruptive incident is significant, assess the nature and extent of the effect and to report to the recovery team.
• Activation Assessment – to ascertain if the predetermined MAO is likely to be compromised and decide to activate the BCP.
[Figure 11: BCP Activation Stages. Timeline diagram (axis: Time*) of a service interruption: Incident Alert (≤2 hours), Investigate & Report (≤6 hours) and Activation Assessment (≤2 hours) precede BCP Activation; RPO ≤1 day; RTO ≤2 days; MAO ≤3 days; Resumption of Critical Processes.]
*Times specified are working hours or working days
The existing issue management processes may successfully control, mitigate or correct the effects of an incident, within the above timeframe, without the need to activate the BCP. However, if it is clear that the incident will, or is likely to, result in a failure to achieve the MAO, the BCP should be activated as soon as possible.
5.2 Developing Situations
Exceptions to the above activation processes exist where there has not been one specific disruptive incident
but where a situation is developing and requires a flexible response.
Epidemic or pandemic diseases are a case in point, where service interruption occurs over a period of time and
is constantly changing. In this case the Corporate Committee for Business Continuity will form a Corporate
Crisis Team who will issue guidance for the whole of the Quadient business, worldwide. A local Crisis Team will
also be formed in the UK to review and distribute this guidance and implement any specific measures which are
contained within it.
Response plans and processes in such situations must be flexible and reactive to the situation as it develops. In
the case of infectious disease this will involve the introduction of prevention processes such as issuing hygiene
advice to staff, deep cleaning premises and avoiding large gatherings.
The discovery of the disease within premises occupied by Quadient UK Ltd will normally result in the
evacuation of the premises to prevent further spread, and to allow deep cleaning to take place.
By making best use of current technology and accessing data and systems through the cloud, most of the
identified critical processes can be operated simply by arranging for employees to work from home. This can be
achieved quickly and effectively and will achieve resumption of the key processes with the minimum of
disruption.
Where the infection is discovered in premises occupied by a customer, processes that require staff to travel to
those premises will be reviewed to assess the risk and take appropriate action.
Advice and information will be taken from official websites in such a situation. For example:
https://www.gov.uk/
https://www.nhs.uk/
When a developing disruptive situation arises, such as epidemic or pandemic disease, Quadient UK Ltd will
prepare and distribute a specific policy to provide customers, employees and other interested parties with all
the relevant information about how we will respond to the situation and how we plan to continue to provide
our critical business processes.
This document will be reviewed and updated as the situation develops. The response plan to the Novel
Coronavirus (COVID-19), in March 2020, is an example of this type of plan.
5.3 Business Resumption
Quadient UK Ltd actively employs agile working practices and uses the latest infrastructure technology which means that the reaction to many disruptive incidents will be to arrange for employees to work from home and continue to provide the identified critical processes. This will result in the minimum, or even zero disruption to these processes.
However, this cannot be used as a permanent solution and this section provides the approach to restoring the primary site or establishing an alternative site if required.
The extent and timing of the recovery activities will vary depending upon the nature of the disruptive incident. Actions taken must be planned and coordinated to occur in parallel in order to establish stable operations within the minimum timescale. Detailed activities are contained in Section 6: Procedures.
If the decision is made to relocate the DCS Managed Services operation to the DR site in Birmingham for the duration of the incident, this decision must be communicated as soon as possible so that the DR site can be made ready. Key Managed Services employees will then be relocated and the data and applications accessed from the new location.
A decision to either re-establish the primary site or occupy an alternative site should also be made as soon as practically possible after a disruptive incident occurs. This allows all the affected areas to adapt their procedures and staffing according to the expected length of the outage. This may, however, not fall within the predetermined MAO because a situation can develop and a site, initially reported as usable, may be declared unsafe following further investigations or occurrences.
The alternatives to be considered are:
1. Whether the primary site is to be restored to original operating status. This may require the repair, rebuild of IT infrastructure or the establishment of new IT infrastructure.
2. If the decision is made to source a new primary site, this will require:
• Locating suitable premises
• Analysis and risk assessment of the new site for suitability, taking all requirements of the business into account
• Drawing up of lease agreements
• Fit-out of the new premises
• New arrangements with suppliers and service providers to be established
• Establishment of new IT infrastructure in accordance with current requirements and specifications
An undertaking of this magnitude will not be achieved in a short timescale. Therefore the Management Team, with the assistance of the other recovery teams, will continually review the situation and make the necessary interim decisions to relocate employees to other regional offices or to work from home. A short-term lease, or leases, may be established for office and/or production facilities to cover the period until the new primary site is available.
Figure 12: Business Resumption Process
5.3.1 Debriefing
Prior to closure of the BCP activation and standing down of the Recovery Teams, a debriefing of all participants should be conducted. A debriefing will ensure that:
• all required recovery and normal business resumption tasks have been performed
• ongoing system, business and client impacts are being addressed
• Quadient UK Ltd can ascertain and understand the cause, nature and impact of the disruptive incident on the organisation
• financial impacts are clearly identified and documented for insurance claims
• lessons learned are clearly identified and incorporated into a knowledge database for future BCP development and incident management
• deficiencies in the current process are clearly identified in such a way that projects can be established to rectify them or mitigate them.
A report should be produced covering the above-mentioned aspects. This should be contained in a central knowledge register with lessons learned incorporated into a new BCP.
6 Procedures
Note: throughout this section of this document, ‘Time Elapsed’ refers to the time, in working hours and days, from the first report of a significant disruptive incident to the Management team.
6.1 Management Team
The applicable management team - Head Office and Regional Offices or DCS - is responsible for the entire incident recovery process, from when the team is brought together until all in-scope services have been returned to the primary site or a new location. The Management Team Leader or delegate, with input from other relevant personnel, has the exclusive authority to activate the BCP. See Section 1.1, Authority to Activate this Plan.
The Management Team will make strategic and tactical decisions, ensure adherence to legal requirements and provide any necessary funding to assist the recovery process.
This team decides on the communication process with the other recovery teams and ensures that the process is followed.
6.1.1 Management Team Actions
| Item | Action | Responsible | Time Elapsed | Comments |
|---|---|---|---|---|
| 1 | Following a reported incident, gather known information and convene a meeting with the Recovery Teams to apprise them of the situation. | Management Team leader | ≤2 hours | This may be a physical, phone or Microsoft Teams® meeting, for example. |
| 2 | Obtain a full report of the nature and extent of the disruptive incident and any injuries that may have occurred. | Management Team leader | ≤6 hours | Obtain as much information as possible about the event and its potential effects. If the event relates to the premises, establish the usability of the building: safety of staff and others. |
| 3 | Make initial assessment to establish if the MAO will be breached, the usability of the premises and the required actions. Decide whether, and how, to activate BCP. | Management Team leader; Director QMS & Transformation | ≤8 hours | This can be full activation with Recovery Teams working remotely or partial activation as necessary. |
| 4 | On BCP activation, communicate details of the incident and decision to activate BCP to all Recovery Teams and applicable managers. | VP & Operations Director; Finance Director | ≤8 hours | Includes extent of activation and the actions to be initially carried out by each of the Recovery Teams and other key employees required to deliver the critical business processes. See contact details in Appendix A. |
| 5 | Create and deliver incident and resumption communication for employees | HR Director | 1 day | This should provide information on the incident and the actions to be taken by employee groups. Managers of critical processes will be made aware separately and will provide further details as necessary. Content should be provided to IT, for emailing to all employees and placed on the Quadient Hub or other media, as appropriate. This will require regular updates as the situation develops and returns to Business As Usual. |
| 6 | Create and deliver incident and resumption communication for all other recipients, e.g.: Other Quadient entities; Management of building and surroundings; Customers; Suppliers; The media | HR Director | 1 day | This communication is likely to be necessarily brief given the timescale it is delivered within. Further bulletins will be required to update applicable parties as the situation develops and returns to Business As Usual. |
| 7 | Set meeting and reporting schedule for Recovery Teams | Management Team | 1st day | Subsequent meetings will depend on the incident and the location of Management Team members. The Recovery Teams should be informed of what, how and when to report. |
| 8 | Liaise with other Recovery Team members and any other necessary agencies to continually gather information about the development of the incident. | Management Team | As required | |
| 9 | Make strategic decision relating to: relocating the DCS Managed Service function to the DR site; carrying out repairs to the primary site; locating and setting up alternative premises as necessary | Management Team | As required | |
| 10 | Make strategic and tactical decisions relating to resumption of all business processes and direct others as applicable. | Management Team | As applicable | |
| 11 | Provide necessary funds to return to BAU | Finance Director | As required | |
| 12 | Coordinate with Recovery Teams to return to BAU | Management Team | As applicable | |
| 13 | Return to BAU | Management Team | As applicable | |
| 14 | Following return to BAU, review BCP processes and document any lessons learned | Management Team | As applicable | |
6.2 First Responder Team
The First Responder Team (FRT) is a mixed team, trained to react to a set of circumstances preventing the delivery of customer-facing critical business processes. Their aim is to restart the provision of these processes, including franking machine recrediting services, within the target time: the Recovery Time Objective. These services must be delivered to at least the minimum acceptable level, until a return to business as usual.
The team is drawn from various departments who normally provide the services. Their skill level is such that a small number of staff can provide all of the critical services to an acceptable level.
The First Responder Team is able to work in the Head Office building or at their own homes, dependent upon the nature and extent of the actual disruptive incident. Their primary responsibility is to continue to provide customers with an effective service.
6.2.1 First Responder Team Actions
The following applies for every foreseeable disruptive incident whether it affects: People, IT or Premises.
| Item | Action | Responsible | Time Elapsed | Comments |
|---|---|---|---|---|
| 1 | Liaise with Management Team to provide initial assessment of an incident | FRT leader | ≤2 hours | Includes description of disruptive incident indicating severity and likely duration. This will be appropriate only if the incident relates to functions within the working practices of the FRT. |
| 2 | On notification of activation of the BCP, have prepared a workload plan for team and other department employees. | Team leaders within the FRT | ≤8 hours | The FRT is a team within a group of departments. Many employees in these departments are able to work remotely even if they are not designated as part of the FRT. This is an initial plan which may change or develop as the incident and actions progress. |
| 3 | Contact each FRT member, using call tree, and apprise them of situation | Team leaders within the FRT | 1 day | The call tree cascades down such that each functional team leader will call their direct reports. |
| 4 | Nominate communications representative and apprise them of communications plan | FRT leader | 2nd day | Devise an appropriate plan for regular communications with the Management Team. Ensure contact numbers are available. |
| 5 | Set review meeting timetable | FRT leader | 2nd day | Decide method, frequency and times for team meetings to check progress and take remedial action if necessary. |

The following steps relate to a situation where the Head Office is unusable. These steps can be modified to allow working from the office instead of from home.

| Item | Action | Responsible | Time Elapsed | Comments |
|---|---|---|---|---|
| 5 | Set up operations in team members’ homes. Connect to required apps data through cloud or online links. Check that all systems are available and that an effective telephone system is operational. | FRT | 2nd day | Team members have been provided with adequate IT equipment for the task and are compliant with relevant security policies. Team members must comply with all ISMS policies, particularly the Acceptable Use Policy and the Home Working Policy. |
| 6 | Provide customer contact services (critical business processes) and key franking machine recrediting processes to any customers who require assistance: Initial credit; Banking; Customer support: technical; Customer support: account maintenance; Asset withdrawal | FRT | By RTO | Systems should be available as normal. If any problems are discovered, contact the IT Team by email or phone. Carry out those activities agreed as critical so that existing customers are able to recredit their franking machines. Cashiers manager must ensure that bank cards, card readers and pin generators are available to staff. |
| 7 | Participate in regular team meetings | FRT | As reqd. | |
| 8 | Return to BAU | FRT | As reqd. | When instructed by FRT leader. |
| 9 | Review BCP processes and document any lessons learned | FRT | As reqd. | Provide detailed feedback of how well the BCP worked. |
6.3 IT Team
The IT Team (ITT) includes hardware, software, network and communications experts drawn from the entire IT departments responsible for all Quadient UK Ltd business units.
The expertise possessed by this team is critical to understanding the nature and extent of a disruptive incident and is equally fundamental in the recovery and business resumption stages. The team will evaluate an incident, report its findings to the Management Team and assist with the decision making needed for a full recovery.
The ITT must be on hand to support the other recovery teams and any employee involved in delivering critical processes, so early communication between the teams is critical.
The first objective of the ITT is to ensure that the FRT, and any employees involved in delivering critical business processes, are able to provide the minimum acceptable level of service to customers, including those who need to recredit their franking machines using the Credifon system.
Most internal ‘customers’ of the ITT are assumed to be agile workers setting up in their homes in the absence of a normal place of work; however, the DCS Managed Services function is a special case which utilises a Disaster Recovery site in the Birmingham Regional office. The ITT would be required to provide prompt technical assistance to ensure that this function became operational again as soon as possible.
The second team objective is to recover any lost or damaged infrastructure, data and applications which may involve repair or rebuilding of systems remotely or on-premise, in the Cloud or, in extreme situations, by transferring operations to an alternative location.
6.3.1 IT Team Actions
The following applies for every foreseeable disruptive incident whether it affects: People, IT or Premises.
| Item | Action | Responsible | Time Elapsed | Comments |
|---|---|---|---|---|
| 1 | Liaise with Management Team to provide initial assessment of an incident | ITT Team Leader | ≤2 hours | Description of disruptive incident indicating severity and likely duration. This will be appropriate if the incident relates to functions involving or requiring IT services. |
| 2 | Carry out a detailed investigation of the extent and severity of an incident and report to the Management Team | ITT | ≤6 hours | Safety of people must take priority over any other factor. Must include an assessment of whether the MAO will be breached and will allow the Management Team to decide if the BCP should be activated. |
| 3 | On notification of activation of the BCP, have prepared a workload plan for team. | IT Team Leader | ≤8 hours | This is an initial plan which may change or develop as the incident and actions progress. |
| 4 | Contact each ITT member, using call tree, and apprise them of situation | ITT Team leader | 1 day | The call tree cascades down from the initial notification by the Exec member to functional team leaders and individuals; see call trees - Appendix B. |
| 5 | Deliver email communication, received from HR Director, to all employees. | ITT Team Leader | 1 day | |
| 6 | If the disruptive incident causes the prolonged failure of the Managed Services operation at DCS, set up DR facilities in Birmingham office. Provide support to Managed Services as required. Provide server IP addresses to Managed Services to access from DR site. | ITT | 2 days | |
| 7 | Nominate communications representative | ITT Team leader | 2 days | Devise an appropriate plan for regular communications with the Management Team. Ensure contact numbers are available. |
| 8 | Set review meeting timetable | ITT Team leader | 2 days | Decide method, frequency and times for team meetings to check progress and take remedial action if necessary. |
| 9 | Monitor and evaluate situation and the effect on IT infrastructure and applications | ITT; Facilities Team | 2 days | This is an initial plan which may change or develop as the incident and actions progress. |

The following steps relate to a situation where the primary site is unusable. If applicable, these steps can be modified to allow working from the site.

| Item | Action | Responsible | Time Elapsed | Comments |
|---|---|---|---|---|
| 10 | If access to primary site is compromised, set up operations in team members’ homes as necessary | ITT | 2nd day | All team members have been provided with IT equipment which is adequate for the task and compliant with the relevant security policies. Team members must ensure they comply with all ISMS policies, particularly the Acceptable Use Policy and the Home Working Policy. |
| 11 | Advise all other IT staff, not given recovery tasks, to be on standby at home | Communication Representative | 2nd day | This is current practice for these members of staff and no additional actions or controls are required. |
| 12 | Provide IT support to FRT to ensure that all in-scope applications are available to allow continuation of critical processes and recrediting services | ITT | Start of Day 3 until BAU | All IT applications listed in the ‘IT Application Risk Assessment’ must be available and operative by the start of the 3rd day following the reported incident. |
| 13 | Provide IT support to FRT to ensure that all in-scope networks and systems are available to allow continuation of critical processes and recrediting services | ITT | Start of Day 3 until BAU | Nominate team members to recovery tasks as necessary |
| 14 | Provide IT support to agile employees to ensure that all in-scope applications are available to allow continuation of critical business processes | ITT | 3rd day until BAU | All IT applications listed in the ‘IT Application Risk Assessment’ must be available and operative by the start of the 3rd day following the reported incident. |
| 15 | Provide IT support to FRT to ensure that all in-scope networks and systems are available to allow continuation of critical business processes. | ITT | 3rd day until BAU | Nominate team members to recovery tasks as necessary |
| 16 | Recover all compromised IT systems, equipment, software, hardware and data | ITT; Facilities Team – if required | As soon as possible | This action is entirely dependent on the nature and extent of the disruptive incident. The ITT may have to work closely with other departments to recover lost data or mitigate its effects. |
| 17 | Salvage and recover primary site if possible. If not possible, work with other Recovery Teams to source alternative interim and permanent premises. | ITT; Facilities Team | As soon as possible | This action is entirely dependent on the nature and extent of the disruptive incident. |
| 18 | Source, plan, and assist with fit-out of alternative interim or permanent premises | Facilities Team; Management Team; ITT | As required | |
| 19 | Provide all necessary supplies, contracts, parts and equipment to alternative premises | Facilities Team; Management Team; ITT | As required | |
| 20 | Return to BAU | ITT | As required | When instructed by Management Team |
| 21 | Review BCP processes and document any lessons learned | ITT | As required | |
6.4 Facilities Teams
Responsibility for facilities management lies with the team managed by the Director of QMS and Transformation, based in the Head Office in Stratford, London. However, a small team also exists in the DCS site in Slough, Berkshire, to provide local support and knowledge.
Although these teams operate autonomously, their functions are broadly similar and this section will combine their actions under the BCP except where there are substantial differences.
In the event of a significant disruptive incident affecting any Quadient UK Ltd premises, or access to them, a Facilities Team (FT) member should, firstly, inform a member of the Management Team and then stay close to the scene to gather information and to provide any necessary guidance and assistance.
Safety of people must take priority, and the Emergency Services should be called if necessary. The FT member should remain in place, if possible, to help direct them on arrival.
If evacuation is necessary, all personnel should immediately proceed to the prearranged Assembly Point, well clear of the building. If there have been any injuries, people who can offer first aid and medical help should be informed as quickly as possible.
Following the occurrence of a significant disruptive incident the expertise of the Facilities Team is critical to understanding its nature and severity. The FT will evaluate the incident, report their findings to the Management Team and assist with the decision making needed to assist a full recovery.
The team’s objective is to recover any lost or damaged buildings and infrastructure. This may involve repair or construction work within the existing premises or, in extreme situations, transferring operations to an alternative location which will include managing the fit-out and commissioning of services and equipment.
The FT will also ensure that, if the primary site becomes unavailable, incoming post is held in a local sorting office awaiting collection by a member of staff. This will then be sorted and delivered manually as required.
For the Head Office, any financial Credifon-related documents will be passed to a Cashier member of the FRT without delay. For DCS, post would need to be forwarded, or couriered, to the DR site in Birmingham.
6.4.1 Facilities Team Actions
The following applies for every foreseeable disruptive incident whether it affects: People or Premises.
| Item | Action | Responsible | Time Elapsed | Comments |
|---|---|---|---|---|
| 1 | Liaise with Management Team to provide initial assessment of an incident | FT Member or Team Leader | ≤2 hours | Description of disruptive incident indicating severity and likely duration. Emergency services should be called and given assistance as a priority if that is necessary. |
| 2 | Carry out a detailed investigation of the extent and severity of an incident and report to the Management Team | FT Team Leader | ≤6 hours | Safety of people must take priority over any other factor. Must include an assessment of whether the MAO will be breached and will allow the Management Team to decide if the BCP should be activated. |
| 3 | On notification of activation of the BCP, have prepared a workload plan for team. | FT Team Leader | ≤8 hours | This is an initial plan which may change or develop as the incident and actions progress. |
| 4 | Contact each FT member, using call tree, and apprise them of situation | FT Team leader | 1 day | The call tree cascades down from the initial notification by the Exec member to the functional team leader and individuals; see call trees - Appendix B. |
| 5 | Nominate communications representative | FT Team leader | 2 days | Devise an appropriate plan for regular communications with the Management Team. Ensure contact numbers are available. |
| 6 | Set review meeting timetable | FT Team leader | 2 days | Decide method, frequency and times for team meetings to check progress and take remedial action if necessary. |
| 7 | Liaise with building or campus management to gain insight into the ongoing status of the incident | Team Leader | 2 days; Until BAU | Building inspectors will report to the management agent with information relating to if, and when, the building can be reoccupied. |
| 8 | If access to primary site is compromised, set up operations in team members’ homes as necessary | FT | 2 days | All team members have been provided with IT equipment which is adequate for the task and compliant with the relevant security policies. Team members must ensure they comply with all ISMS policies, particularly the Acceptable Use Policy and the Home Working Policy. |
| 9 | If the disruptive incident causes the prolonged failure of the Managed Services operation at DCS, set up DR facilities in Birmingham office. Provide support to Managed Services as required. | ITT | 2 days | |
| 10 | Arrange storage and collection of incoming mail at local sorting office. | Facilities Team | 2 days | |
| 11 | Collect, sort and deliver incoming post where it is of an urgent nature. | Nominated team member | Daily | |
| 12 | Stratford Head Office: deliver cheques and remittances etc. to Cashiers members of FRT. | Nominated team member | Daily | |
| 13 | Plan recovery operations, including inspection and quotation for: construction, minor repair, decoration, reconnection of utilities, supplies of equipment and consumables | Facilities Team | Until BAU | Liaise with Management and IT Recovery teams throughout |
| 14 | Source and engage suppliers and contractors. Manage progress of the work through to successful completion. | Facilities Team | Until BAU | Liaise with Management and IT Recovery teams throughout |
| 15 | If the primary site is inaccessible and new premises are required, assist with sourcing, fit-out and commissioning of the alternative premises. | Facilities Team; Management Team; IT Team | As required | Alternative premises may be a short-term temporary lease or a new primary site. The timescale and effort required for these two options will be vastly different. |
| 16 | Source suppliers and set up provision of all necessary supplies, service contracts and consumables to the recovered or alternative premises | Facilities Team; Management Team; IT Team | As required | |
| 17 | Return to BAU | Facilities Team | As required | When instructed by Management Team |
| 18 | Review BCP processes and document any lessons learned | Facilities Team | As required | |
6.5 Managed Services Team - DCS
The Managed Services Team – DCS, (MST), is a compact group which comprises the management and leadership staff of the operational unit.
Following BCP activation, this team will ensure that the Managed Services processes are delivered to customers with the minimum of disruption, in accordance with contractual requirements as far as reasonably practicable.
This includes scanning and workflow services for hard and soft copy documents which are currently delivered for processing to the DCS primary site in Slough, Berkshire. Due to the requirement to process hard copy documents this operation cannot be fully agile, hence a physical building and processing equipment must be available.
If the primary site in Slough is unavailable, the MST will work with local and Head Office teams to set up operations at an alternative facility; the Disaster Recovery (DR) Site. The DR site is located in the Birmingham Regional Office.
In the event that this DR site needs to be occupied by DCS Managed Services, the MST must inform the Birmingham Office Manager and the Director QMS and Transformation, as soon as possible, so that the necessary preparations can be made. The location for this operation will be secured such that only Managed Services – DCS staff will have access to it, except in an emergency.
Once the DR site has been set up, further arrangements must be made by the MST to relocate some of the Managed Services staff and to divert the delivery of documents to it.
6.5.1 Managed Services Team - DCS Actions
The following applies for every foreseeable disruptive incident whether it affects: People, IT or Premises.
| Item | Action | Responsible | Time Elapsed | Comments |
|---|---|---|---|---|
| 1 | Liaise with Management Team - DCS to provide initial assessment of an incident | MST Team Leader | ≤2 hours | Description of disruptive incident indicating severity and likely duration. This is appropriate if the incident relates to the Managed Services functions. |
| 2 | Carry out a detailed investigation of the extent and severity of an incident and report to the Management Team - DCS | MST; Facility Team - DCS | ≤6 hours | Safety of people must take priority over any other factor. Must include an assessment of whether the MAO will be breached and will allow the Management Team - DCS to decide if the BCP should be activated. |
| 3 | On notification of activation of the BCP, have prepared a workload plan for team. | MST Team Leader | ≤8 hours | This is an initial plan which may change or develop as the incident and actions progress. |
| 4 | Contact each MST member, using call tree, and apprise them of situation | MST Team leader | 1 day | The call tree cascades down from the initial notification by the Exec member to the functional team leader and individuals; see call trees - Appendix B. |
| 5 | If the primary site is inaccessible, the Validation and Scanner PCs at the DR site must be booted up and configured to access the relevant servers. | MST Team leader | 2 days | If the Slough primary site is inaccessible but the comms room and servers are still operational, it is these servers that will be accessed. If the comms room is also unavailable, the backup servers must be accessed. |
| 6 | An emergency team of Managed Services staff must be relocated in the Birmingham office (DR site), either by commuting daily or finding local accommodation for a longer period. | MST | 2 days | Up to 5 validation staff, a scanner operator and functional management will occupy the DR site; see Section 6.5, above, for location address. Key contracts can be managed for a period of time. The acceptable period of DR working depends on the contracts current at the time. |
| 7 | Return to BAU | MST | As required | When the primary site is restored, or an alternative site commissioned, relocate the Managed Services function and return to full production. |
| 8 | Review BCP processes and document any lessons learned | Facilities Team | As required | |
6.6 Other (Agile) Employees
For all other critical business processes, not addressed by the Recovery Team actions above, the necessary
resources required to continue providing these processes are not dependent on access to any business
premises.
Risk assessment has considered the Resilience, Risk and Recovery of all assets which are required to continue
to operate these processes, and has demonstrated that the applications, infrastructure and data required are
less likely to be compromised, are sufficiently protected by backups and/or can be recovered in less time than
required for the MAO.
All employees engaged in providing these processes are termed as ‘agile’, meaning that they are equipped with
IT hardware and software which allows them to work remotely without detrimental effect to their
performance.
Following activation of the BCP, these employees will be contacted directly by their functional managers – or
by the global email delivered by the IT department, and will work from their homes, provided that an adequate
broadband facility is available.
Each member of staff has received training and is aware of the security policies in force within Quadient UK Ltd
– particularly the Acceptable Use Policy and the Home Working Policy – and will ensure that levels of security
will be maintained which are at least as high as those provided within their applicable places of work.
7 Maintenance and Testing
7.1 Maintenance of BCP Documentation
The BCP will be reviewed and updated at least annually, or when a significant business change occurs.
The Director of QMS and Transformation will:
• Obtain assessments of the conditions, status, capabilities and availability of IT infrastructure and applications including the availability of backups.
• Use the above to update the IT and BCP Risk Assessments.
• Perform studies requested by the Management Team to improve the efficiency of equipment and IT systems recovery procedures.
• Prepare periodic status reports for the Management Team.
• Plan and coordinate BCP testing and prepare test results and recommendations for plan improvement.
• Maintain and distribute this plan.
In order to ensure that the BCP remains current, all changes and revisions must be reviewed and approved by an Executive Director.
A regular Exec. review of the whole plan will form part of the BCP testing process. The Exec. may deputise others to carry out this review and present a report for their approval. Details of the items to be considered in the review are given in Section 7.3: BCP Testing.
7.2 DCS Managed Services Disaster Recovery Testing
Due to the nature of some functions within DCS Managed Services, physical scanning equipment and the presence of a number of operators are a necessity. This has been accommodated by providing a Disaster Recovery site in the Birmingham Regional office, setting up the necessary communications infrastructure and purchasing redundant equipment which is securely stored at the office.
Because of this added complexity, and the need for a number of staff who would have to be relocated to this office, special tests have been scheduled.
On a quarterly basis, a member of the Managed Services Team will travel to the Birmingham office to boot up all PCs and scanning equipment and ensure that they connect to the servers at the primary site. Failover to the backup servers will also be checked by a prearranged protocol managed by the IT department.
7.3 BCP Testing
The BCP will be tested in accordance with the following schedule.
| Test | Description | Objectives | Responsible | Frequency |
|---|---|---|---|---|
| Initial Walkthrough | A step-by-step consideration of the Recovery Teams’ Action Plans with reference to the Business Continuity Plan document. | Ensure that the Action Plans are workable, complementary and do not contradict each other or the BCP document. | | Once at launch |
| Full Walkthrough | An end-to-end consideration of the Business Continuity Plan document and the Recovery Teams’ Action Plans using theoretical event scenario(s). | 1. Ensure the plan can work for a range of foreseeable incidents. 2. Ensure that the teams know what to do in each scenario. 3. Check we can meet the MAO of 3 days. | | Annual |
| Call Tree test | Use call trees to phone team members, using a pre-prepared script, starting from the top. This represents the BCP being activated. | Ensure that all phone numbers are valid. Ensure recipients answer calls. Evaluate and report the probable success if this was a real event. | | At launch and annually |
| IT Infrastructure and Application Risk Assessment | Review of the IT Infrastructure and Application Risk Assessments to ensure that they are up to date and include all current and necessary IT systems and applications necessary for the critical business processes. | To ensure that IT Risk Assessments remain valid for each application and IT infrastructure element which was considered. Review the values chosen for likelihood and consequence. Review the completion and effectiveness of control measures. Add any additional IT considerations to the RA. Ensure that the information provided in Appendix C, System recovery Requirements is correct and up to date. | | Annual |
| BCP Risk Assessment | Review of the BCP Risk Assessment to ensure it is up to date and includes all current risks and that the itemised controls are appropriate and implemented. | To ensure that Risk Assessment remains valid for each area that was considered. Review the values chosen for likelihood and consequence to ascertain that they remain correct. Review the completion and effectiveness of control measures and add any additional considerations to the risk assessment which may have become relevant. | | Annual |
| Annual Exec Review | Overview of entire plan by the board of directors. This review comprises the following sections: | To ensure the plan remains current and applicable and in line with current and future business strategy. Review and approve recovery strategy, including RTO and MAO. Ensure Business Resumption process remains applicable. | | Annual |
| Business Impact Analysis | Review of all process BIAs and the list of critical business processes to ensure they remain up to date. Confirm RTO for each remains applicable. | To ensure that Business Impact Analysis remains valid for each team which was considered. To add any additional considerations to the BIA which may have become relevant. | | Annual |
| Procedures Review | Review of Section 6, Procedures. | To ensure that the procedures documented for each of the Recovery Teams remain valid and up to date. Review, with consideration of: Appendices: A, Key Contacts List and B, Call Trees remain current. Check content of BIAs to ensure they remain valid and in agreement with above. | | Annual |
| Document Review | Review of BCP document to ensure locations, personnel and scope remain valid. Detailed review of Sections 1 to 4: Activate the Plan, Overview, Organisation and Roles and Responsibilities. | To ensure that changes which have taken place in the relevant areas of the business are accurately reflected in the BCP document. | | Annual |
APPENDIX D – Media Management
Procedures for Dealing with the Media
When a crisis occurs, the media may cold-call staff. Staff should avoid providing information to the media directly as this could lead to different versions of events being provided by different people. In the event of calls being received, follow the procedures below.
• Take down the name, organisation and contact numbers for the media person calling and advise them that “a spokesperson will be in touch with them as soon as possible.”
• Responses must be polite but advise that you are not in a position to assist them. However, you will ensure that a company spokesperson will be calling them back.
• It is important to clearly identify the publication and contact details.
• Following an activation of the BCP, staff should avoid giving out contact details of senior company management or others within the company.
• Pass the names and contact details of any media callers to the Communications Manager.
• The Communications Manager will provide consistent communications to any media callers.
APPENDIX E – Event Log
Use the log below to record events during an activation of the BCP. This can be used during the debriefing and lessons learned phase.
| ELAPSED TIME SINCE Incident | BCP Ref. | RECOVERY TASK | TEAM | ACTUAL START TIME | ACTUAL END TIME | COMMENTS/PROBLEMS |
|---|---|---|---|---|---|---|
Glossary
ACTIVATION: The implementation of the procedures, activities, and plans described in the BCP in response to an emergency or a significant disruptive incident.
ALERT: Notification that a potentially significant disruptive incident situation exists or has occurred; direction for the recipient to stand by for possible activation of the BCP.
ALTERNATIVE SITE: An alternative operating location to be used by business functions when the primary facilities are inaccessible.
ALTERNATIVE WORK AREA: Office recovery environment complete with office infrastructure (desk, telephone, workstation, and associated hardware, communications, etc).
APPLICATION RECOVERY: The component of BCP recovery that deals specifically with the restoration of business system software and data, after the processing platform has been restored or replaced.
BACKUP GENERATOR: An independent source of power, usually fuelled by diesel or gas.
BUSINESS AS USUAL (BAU): The normal execution of standard functional operations within an organization – forms a possible contrast to projects or programmes which might introduce change.
BUSINESS CONTINUITY: Process of developing advance arrangements and procedures that enable an organisation to respond to an event in such a manner that critical business functions continue to, at least, the minimum acceptable standard.
BUSINESS CONTINUITY PLAN (BCP): The document that defines the resources and actions required to manage the business recovery process in the event of a disruption. The plan is designed to assist in restoring the business process within the stated recovery goals.
BUSINESS CONTINUITY PROGRAM: An ongoing program supported and funded by executive staff to ensure business continuity requirements are assessed, resources are allocated, and recovery and continuity strategies and procedures are completed and tested.
BUSINESS IMPACT ANALYSIS (BIA): A systematic process to determine and evaluate the potential effects of an interruption to critical business operations as a result of an outage, disaster, accident or emergency.
COLD SITE: An alternative facility that already has the environmental infrastructure in place required to recover critical business functions or information systems, but does not have any pre-installed computer hardware, communications network, etc. These must be provisioned at time of disruptive incident.
COMMAND CENTRE: Facility, separate from the main facility, and equipped with adequate communications equipment from which initial recovery efforts are manned and media-business communications are maintained. The management team may use this facility temporarily to begin coordinating the recovery process until any alternative sites are functional.
CONTACT LIST: A list of team members and/or key players to be contacted. (Mobile Number, Home Number, Pager, etc.)
DAMAGE ASSESSMENT: The process of assessing damage, following a disruptive incident, to computer hardware, records, office facilities, etc and determining what can be salvaged or restored and what must be replaced.
DECLARATION: A formal announcement by authorised personnel that a disruptive incident or severe outage is predicted or has occurred, and that the Business Continuity Plan has been activated.
DISASTER RECOVERY: Activities and programs designed to return Quadient UK Ltd operations to an acceptable condition. The ability to respond to an interruption in services by implementing a disaster recovery plan to restore Quadient UK Ltd critical business functions.
DISASTER RECOVERY PLAN: The document that defines the resources and actions required to manage the business recovery process in the event of a disruption. The plan is designed to assist in restoring the business process within the stated recovery goals.
DISRUPTIVE INCIDENT: An unplanned debilitating or catastrophic event causing significant damage or loss. Any event that causes an organisation to be unable to provide critical business functions for a pre-determined period of time.
EMERGENCY: A sudden, unexpected event requiring immediate action due to potential threat to health and safety, the environment, or property.
HOT SITE: An alternative facility that already has the computer, communications and environmental infrastructure in place that are required to recover critical business functions or information systems.
INVOCATION: The implementation of the procedures, activities, and plans described in the BCP in response to an emergency or a significant disruptive incident.
MAXIMUM ACCEPTABLE OUTAGE (MAO): The maximum acceptable outage is the amount of time that can elapse before an adverse impact becomes unacceptable or intolerable. In this context, an adverse impact is caused by failure to provide products or services or to perform an activity. The MAO encompasses all activities from point of impact to point of resumption of critical services.
MAXIMUM TOLERABLE PERIOD OF DISRUPTION (MTPD): The maximum acceptable outage is the amount of time that can elapse before an adverse impact becomes unacceptable or intolerable. In this context, an adverse impact is caused by failure to provide products or services or to perform an activity. The MAO encompasses all activities from point of impact to point of resumption of critical services.
OFF-SITE STORAGE: Alternative facility, other than the primary site, where duplicate vital records and documentation may be stored for use during recovery from a disruptive incident.
RECOVERY POINT OBJECTIVE (RPO): The point in time to which systems and data must be recovered after an outage (e.g., end of the previous day’s processing). RPOs are often used as the basis for the development of backup strategies.
RECOVERY TEAM: The Recovery Team is made up of a number of separate sub-teams and comprises key executive directors as well as employees in relevant roles (e.g. Communications, Facilities and IT).
RECOVERY TIME OBJECTIVE (RTO): The period of time within which systems, applications or functions must be recovered after an activation of the BCP. RTOs are often used to determine whether or not to implement the recovery strategies and plan.
WARM SITE: An alternative processing site which is equipped with some hardware, and communication interfaces, electrical and environmental infrastructure which is only capable of providing backup after additional provisioning, additional software, or modifications.