BCM Policy

Question 1

What APRA standard requirements does the BCM Policy meet?

Answer 1

CPS 232 Business Continuity Management

Question 2

Who is ultimately responsible for the effectiveness of the Group’s Business Continuity Management (BCM)?

Answer 2

The Board

Question 3

Who is the approval authority for the BCM policy?

Answer 3

The Board

Question 4

In regards to BCM, what m 3 things must the Board ensure?

Answer 4

1. BCM is appropriate for nature and scale of operations.
2. BCM aligns to risk management strategy and framework.
3. Business Continuity Plans (BCPs) are reviewed at least annually by responsible senior management.

Question 5

Who is accountable for meeting the requirements of this policy?

Answer 5

Business Leaders.

Question 6

What do Business Continuity Coordinators do?

Answer 6

Assist to coordinate, operate, and facilitate business continuity activities, training, and due diligence.

Question 7

Who is responsible for ensuring that Policy aligns to regulatory expectations and ensuring requirements are met?

Answer 7

Policy Owner

Question 8

What are three things Business Leaders accountable for and must do?

Answer 8

1. Conduct annual analyses on business processes, critical tech, etc.
2. Maintain BCPs and participate in disruption exercises.
3. Manage Business Continuity risks.

Question 9

What are three things Crisis Operations Team or regional equivalent are accountable for and must do?

Answer 9

1. Annually maintain and test Crisis Management Plans (CMP) and Pandemic Plans.
2. Annual facilitate Disruption Exercise.
3. Where plans are activated - escalate as per plan, record actions, and conduct Post-Incident Review (PIR).

Question 10

Where a business is unable to comply with the mandatory requirements of this policy they require exemption - who has authority for approving exemptions?

Answer 10

The Policy Owner