View Document

Business Continuity Management Policy

This is the current version of this document. You can provide feedback on this document to the document author - refer to the Status and Details on the document's navigation bar.

Section 1 - Purpose

(1) This Policy specifies the approach and requirements for the management of business continuity in the University and its controlled entities (the MQ Group).

(2) This Policy forms part of and supports the implementation of the Business Continuity Management Framework.

Scope

(3) This Policy applies to the University and its controlled entities (the MQ Group), including:

  1. employees of the University including students when employed by the MQ Group;
  2. individuals conducting research under the auspices of the University including but not limited to staff and affiliates, students, visiting academics, and conjoint appointees;
  3. Emeritus, Honorary, Visiting, Adjunct, Conjoint, and Clinical title holders; and
  4. individuals otherwise engaged in the service of the University. This includes but is not limited to:
    1. consultants;
    2. individual contractors working for the University;
    3. employees of contractors providing services to the University; and
    4. other people who perform public official functions as representatives of the University whose conduct and activities could be investigated by an investigating authority, including volunteers.

(4) All individuals listed in clause 3 are collectively referred to within this Policy and any accompanying documents as staff and affiliates.

Top of Page

Section 2 - Policy

(5) The University is committed to implementing a systematic approach to the management of emergencies and other incidents that seriously affect or may seriously affect the University’s people, operations, or reputation.

(6) In accordance with the University’s priorities and overall resilience principles and policies, the University has a detailed Business Continuity Management (BCM) process in place.

(7) The University will develop, implement, and maintain a BCM framework which is a continuous process to:

  1. support the capability of the University “to continue the delivery of products and services within acceptable time frames at pre-defined capacity during a disruption” (ISO 22301:2019 Security and resilience — Business continuity management systems — Requirements)
  2. enable the University to have a consistent and coordinated approach to the University’s business continuity management; and
  3. ensure that staff and affiliates are aware of relevant disruption risks and are trained to understand their roles and responsibilities.

(8) The principles of the University's BCM process are to:

  1. establish robust arrangements and responsibilities aligned with related prioritised business activities to enhance overall organisational resilience;
  2. develop, implement, and maintain a BCM Framework based on the Business Continuity Institute Good Practice Guidelines (2018), and the ISO 22301:2019 Security and resilience — Business continuity management systems — Requirements;
  3. ensure that employees are trained in their preparation and response roles and responsibilities and have the necessary level of competence, authority, and resources required; and
  4. foster effective relationships with stakeholders to coordinate the response to a disruptive incident and support the continuity of prioritised business activities.

(9) The MQ BCM Framework (the Framework) defines how the University implements its BCM and the process (including roles and responsibilities) to be used. Prioritised business activities with a maximum tolerable period of disruption of up to one (1) week are within the scope of the Framework.

Top of Page

Section 3 - Procedures

(10) Nil.

Top of Page

Section 4 - Guidelines

(11) Nil.

Top of Page

Section 5 - Definitions

(12) Nil.