Comments

Document Feedback - Review and Comment

Step 1 of 4: Comment on Document

How to make a comment?

1. Use this Protected Document to open a comment box for your chosen Section, Part, Heading or clause.

2. Type your feedback into the comments box and then click "save comment" button located in the lower-right of the comment box.

3. Do not open more than one comment box at the same time.

4. When you have finished making comments proceed to the next stage by clicking on the "Continue to Step 2" button at the very bottom of this page.

 

Important Information

During the comment process you are connected to a database. Like internet banking, the session that connects you to the database may time-out due to inactivity. If you do not have JavaScript running you will recieve a message to advise you of the length of time before the time-out. If you have JavaScript enabled, the time-out is lengthy and should not cause difficulty, however you should note the following tips to avoid losing your comments or corrupting your entries:

  1. DO NOT jump between web pages/applications while logging comments.

  2. DO NOT log comments for more than one document at a time. Complete and submit all comments for one document before commenting on another.

  3. DO NOT leave your submission half way through. If you need to take a break, submit your current set of comments. The system will email you a copy of your comments so you can identify where you were up to and add to them later.

  4. DO NOT exit from the interface until you have completed all three stages of the submission process.

 

Business Continuity policy

Section 1 - Preamble

(1) This Policy is effective from 22 February 2018.

Top of Page

Section 2 - Purpose

(2) This Policy sets out the guiding principles under which Business Continuity is to be developed, implemented and managed to enable the University to establish and maintain an effective level of preparedness to respond to incidents that disrupt normal operations.

Top of Page

Section 3 - Scope

(3) This Policy applies across the University.

Top of Page

Section 4 - Policy

(4) The University is committed to ensuring that an effective business continuity management (BCM) program is implemented to minimise the disruption of activities due to the unavailability of  ‘business as usual’ resources, for example but not limited to:

  1. facilities, e.g. flood, fire, power outage, chemical spill, denial of access
  2. people, e.g. pandemic/epidemic, industrial action, extreme flu season
  3. vital records, e.g. electronic and hard copy records
  4. information and communications technology (ICT), e.g. computer hardware, applications and telecommunications
  5. equipment, e.g. cold rooms, research equipment, desks and chairs
  6. externally provided service or resource e.g. contractors, software vendors.

(5) BCM requirements will be assessed via a Business Impact Analysis (BIA) for activities undertaken by all Faculties and Portfolios. Impacts will be assessed in accordance with the Risk Management policy Schedule A: Risk Matrix.

(6) Activities assessed as having a recovery time objective of 15 days or less are deemed critical activities. Recovery steps for these activities and their associated resources will be included in the University’s Business Continuity Plan (BCP).

(7) Continuity of service provision must be adequately addressed for services, infrastructure, and/or any resources provided by an external party via certification arrangements, service level agreements and/or other contractual arrangements appropriate to the assessed level of risk.

Accountability

(8) The University Executive will demonstrate a high level of commitment to this Policy and support a culture aimed at building organisational resilience through the implementation and continued improvement of preparedness and response capabilities.

(9) The Executive Director, Campus Services, is responsible for centrally coordinating the BCM program.

(10) The Emergency Management Committee will provide strategic direction and oversight for BCM in accordance with the Critical Incident Management procedure.

(11) The Critical Incident Management Team will provide executive decisions and strategic direction on University priorities when responding to critical incidents affecting the University and managing related Business Continuity responses.

(12) Directors (or equivalent) and Faculty General Managers are the custodians of BCM capability within their area. Supported by Campus Services, they are responsible for the development, maintenance and validation of their specific BCP information (found within the Deakin University BCP),  the management of any risks relating to BCM in accordance with the University's Risk Management policy and the instigation of a BIA for new or changed activities within their areas.

(13) The Chief Digital Officer, is responsible for ICT continuity and disaster recovery processes including the alignment of ICT service levels and disaster recovery priority groups with the BIA.

Top of Page

Section 5 - Procedures

(14) The Business Continuity procedure documents how to comply with this Policy.

Top of Page

Section 6 - Definitions

(15) For the purpose of this Policy:

  1. Activity: process or set of processes undertaken by the University (or on its behalf) that produces or supports one or more products or services.
  2. Business Continuity Management (BCM): capability of the organisation to continue delivery of products or services at acceptable predefined levels following a disruptive incident.
  3. Business Continuity Plan (BCP): a document to be referred to by the affected Faculty or Portfolio during a disruptive incident that outlines the steps required to recover.
  4. BCM Program: ongoing management and governance process supported by the University Executive and appropriately resourced to implement and maintain Business Continuity management.
  5. Business Impact Analysis (BIA): process of analysing activities and the effect that a business disruption might have upon them.
  6. Recovery Time Objective: the period of time following an incident within which an activity must be resumed, or resources must be recovered.