Business Continuity Policy

Introduction

This policy aims to maintain the continuity of SPS Security Ltd, "the company's", activities, systems, installations, facilities and procedures in the event that they undergo any kind of disruption by an unexpected factor, so that the company can return to its normal operation in a minimal amount of time while taking into full account the consequences any delay may bring to the quality of its services, reputation and financial stability.

This policy aims to ensure that:

  • the concept of Business Continuity and the policy of our company remain comprehensible for all associated parties.
  • the internal and external dependencies of the company's activities as well as the expectations of the customers, suppliers, associates, personnel, shareholders and the relevant state authorities are acknowledged.
  • emergency plans are being meticulously developed to ensure that the continuity of the company’s activity is restored in the event of the unexpected disruption of the services provided and that this is carried out at an acceptable level.
  • emergency plans are regularly tested, monitored and updated.
  • the relevant personnel training courses are implemented.

Goals

The goals of Business Continuity Management are to ensure that the Company:

  • fully comprehends the critical nature of its activities and maintains the ability to continue its work within the agreed time-frames through the implementation of an emergency plan.
  • showcases an increased amount of resilience during an incident by protecting critical assets and data (electronic and other) through a coordinated management and recovery approach.
  • is able to minimize the repercussions of an incident, using the relevant plans and schemes to respond in an emergency.

Application Field

All the activities of the company, regardless the location they are being carried out, must comply with the requirements of this Policy.

The policy applies to all the departments of the company. All members of the staff need to become aware of the contents of this policy.

Aim

The Business Continuity Policy of SPS Security Ltd aims to provide the framework through which:

  • an integrated Business Continuity Management System is established and maintained.
  • it is ensured that critical services and activities, their support resources and interdependencies are identified.
  • the risks in the processes and activities of the company are assessed and evaluated as well as analysing the repercussions that may occur for the company in case of disruption of an activity.
  • a framework to ensure the continuity of the basic services at a minimum acceptable level is developed within the specific time-frames, following an incident.
  • business continuity plans are documented and the communication with the customers is established and maintained after an incident.
  • Business Continuity Plans are ensured to be subject to ceaseless evaluation, improvement and review.
  • the top management officers are able to ensure that the Business Continuity Management System remains up to date and effective.

Policy Statement

  • Each service within the company must be carried out by the relevant department where the roles and responsibilities are comprehensible and clearly defined.
  • The Business Continuity Coordinator provides an annual overview of the Business Continuity Management System. The Business Continuity Management and Crisis Management Committee will monitor the review process, make a comparative assessment of the results and provide support where necessary.
  • The Business Continuity Coordinator must test the Business Continuity Plan at least once a year and make alterations where necessary in order for the test results to be taken into account.
  • Contracts with suppliers and providers of critical services must include a requirement/clause for the implementation of the Business Continuity Plan, in a way that is satisfactory for SPS Security Ltd.
  • All members of the staff should become aware of the appropriate sections of the plan that affect their department and their part in the implementation of the Business Continuity Plan.
  • The main parties involved will be informed on the adjustments of the Business Continuity Plan upon the instance the services provided to them are affected.
  • The top management officers are committed to providing the resources needed to implement this policy.

Benefits and commitment

The Policy requires a clear and comprehensible commitment for the creation of a Business Continuity Management System which enables the company to:

  • carry on providing its critical services to its customers in the event of a pause in its operations following an incident.
  • utilize its personnel and other resources to the utmost in case of an emergency.
  • minimize the duration of a pause in its operations following an incident.
  • efficiently and effectively restore its operations following a pause in their execution.
  • improve the resilience of its infrastructure so as to reduce the likelihood of a pause in its operations and minimize the operational and financial impact after such a disruption.

Responsibilities

  • The General Manager and the Vice General Manager are responsible for answering to the Board of Directors for Business Continuity issues.
  • The implementation of the policy is carried out by the Business Continuity Management and Crisis Management Committee through the Business Continuity Management System.

The Business Continuity Coordinator is responsible for:

  • revising and enhancing the policy according to the best practices of the industry and the needs of the company.
  • monitoring the performance of the Business Continuity Management System and its compliance with the established policy.
  • providing support and guidance to those involved in the implementation of the Business Continuity Management System.

Awareness and Culture

The company acknowledges that the Business Continuity Management System will be most effective when all members of the staff possess the appropriate level of awareness in dealing with unforeseen events and the implementation of immediate response plans.

The Business Continuity Coordinator should develop and implement, a staff awareness and training program and the appropriate training courses required to effectively implement the Business Continuity Management System.

Approval and Review

The Business Continuity Policy was approved by the Board of Directors in March 2020.

The policy must be reviewed and approved at least every two years.

The Business Continuity Management System of SPS Security Ltd has been brought into line with the ISO 22301: 2014 Standard, Business Continuity Management System.