University Policies

Page tree

Versions Compared

Old Version 11

changes.mady.by.user Raghu, Rachana

Saved on

compared with

New Version 12

changes.mady.by.user Raghu, Rachana

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Title: Business Continuity Management Policy
Subject: Information Security 
Policy No: ISO:2013:08 
Applies: University-wide 
Issuing Authority: Information Security Office - Chief Information Security Officer
Responsible Officer: Vice President for Information Resources and Chief Information Officer
Adopted: 07/01/2013
Last Revision: 08/01/2014
Last Reviewed: 12/29/2014

I.     PURPOSE

This policy describes the Rowan University Business Continuity Management program, which is proactive and iterative in its approach to assess potential threats and ensure appropriate and resilient arrangements are in place. The Program is required to support the safety of our employees and secure critical resources (people, systems and locations) required to continue key business processes and minimize impacts in a timely, structured, and cost-effective manner, in the event of a business interruption incident. 

Business Continuity Management's primary objective is to enable the executive and senior management to continue to manage and operate their business under adverse conditions, by leveraging appropriate resilience strategies, recovery objectives, and business continuity and crisis management plans.

II.     ACCOUNTABILITY

Under the direction of the President, the Chief Information Officer, Chief Information Security Officer, schools and business units, the Information Security Office (ISO) shall implement and ensure compliance with this policy.

III.    APPLICABILITYAPPLICABILITY

This policy applies specifically to all employees, deans, officers and directors of the University. Furthermore, management's accountability extends to ensuring all aspects of its Business Continuity Management's activity incorporate third party service providers and vendors.

IV.   DEFINITIONS

Business Interruption - an event, whether anticipated or unanticipated, which disrupts the normal course of business operations within the university.

V.    POLICYPOLICY

A. Business Continuity Management Framework

...

The Information Security Office (ISO) will monitor and report on the status of University-wide business continuity management activities, plans, protocols and testing to each Dean and the Executive for each business unit on a periodic basis. Additionally, the ISO will provide regular reporting to the Board Risk Committee regarding the state of the University's Business Continuity Management Program and preparedness.

 

VI. ATTACHMENTS

A. Attachment 1, Roles and Responsibilities

B. Attachment 2, Non-Compliance and Sanctions


VI.   ROLES and RESPONSIBILITIES

...