CPP-Infinit-O_0010_Business Continuity Plan (BCP)_V2
1.0 Objective
Infinit-O’s business continuity plan aims to create a comprehensive plan that aims to ensure service delivery in situations where identified potential events occurred. This would encompass procedures to prevent disruptions, controls to ensure availability of information and resources, and testing to ensure reliability of plans that are put in place.
2.0 Position Statement
We understand the importance of providing service continuity for our clients. During the Covid-19 pandemic we were able to provide continuous service to 100% of our clients and continue to meet our SLA commitments. Our BCP is designed to provide continuity of service and protect the health and safety of our team members while safeguarding the data of our clients. We share our BCP with our clients and prospects who are under an NDA. We have found that our BCP will provide sufficient safeguards for most of our clients. However, to be certain our clients have an appropriate BCP, we will offer to conduct a joint Business Impact Assessment (BIA) to determine to risks associated with a loss of service continuity for each process we support. If necessary, based on this assessment, we will provide a customized disaster recovery proposal for our client.
3.0 Crisis Management Command Structure
3.1 To formalize Infinit-O’s Business Continuity Management Program and to provide guidelines for developing, maintaining and exercising its Business Continuity Plan (BCP).
3.2 This policy establishes the basic principles and framework necessary to ensure emergency response, resumption and recovery, restoration and permanent recovery of the organization’s operations and business activities during a business interruption event.
3.3 The Business Continuity Team (BCT) will be composed of members of the Management Committee lead by the VP for Client Solutions Group (VP CSG).
3.4 For purposes of resiliency in the absence or unavailability of the VP CSG decisions will be done by the following:
3.4.1 VP People and Transformation
3.4.2 VP Finance
3.4.3 Director Financial Services and or Senior Operations Manager
4.0 Scope
4.1 This applies to all team members, information-processing facilities and corresponding IT systems when any of the following scenarios, including, but not limited to, natural disaster, power outage, hardware/telecommunications failures, data corruption, force majeure situations, occur.
4.2 This policy provides guidance for the Resumption and Recovery of time sensitive business operations in accordance with pre-established timeframes as well as ensuring that adequate plans are in place for the less time sensitive business operations.
5.0 Provisions
5.1 Business Impact Analysis and Risk Assessment
5.1.1 Business Impact Analysis (BIA) is prepared relative to the established SLA for Infinit-O departments or for established accounts. In case of new implementations this will be done after the first 90 days once SLA’s are established.
5.1.2 BIA will include requirements for Recovery Time Objective (RTO) for departmental processes or operations to resume without impact any impact to agreed SLA’s.
5.1.3 For Department RTO and SLA, ELT will agree on Risks to Accept and Risks to be mitigated by having a BCP plan for identified events.
5.1.4 For Operations, agree with the client on Risks to Accept and Risks where Infinit-O together with the client will create plans for mitigation of potential impact. This will include agreeing how costs would be billed to the client be it as part of the monthly recurring fee or a pass-through cost in time of activation.
5.2 Business Continuity Plan (BCP) – Admin
5.2.1 BCT will ensure the people in the Admin team will be available during events that trigger BCP to be activated
5.2.2 Finance and Facilities
5.2.2.1 Corporate Cards is issued by the company to BCT with guidelines on usage in case of emergency.
5.2.2.2 Agreements with partners are prearranged to allow seamless activation of BCP
5.2.2.3 Partners includes but not limited banks, delivery services, hotels, hardware providers, telco and co-working sites
5.2.2.4 In case of an event VP for Finance and Admin and team will coordinate with partners to initiate BCP plans
5.2.3 Information Technology
5.2.3.1 Infinit-O IT team is enabled to deploy software and technology to Infinit-O machines during BCP.
5.2.3.2 As part of resiliency plans, sufficient number of machines are kept in the office in case there is a need to deploy computers to team members or remote sites.
5.3 Business Continuity Plan Operations
5.3.1 Infinit-O Business Continuity Plan (BCP) is designed based on jointly agreed plans as a result of the BIA for risk mitigation for specified events.
5.3.2 BCP should address any organizational, physical or security vulnerability that may compromise the confidentiality, integrity and availability of the company and/or client- supplied data and information.
5.3.3 The recovery plans include appropriate action items for different scenarios. These action items are identified, activated and implemented according to specified conditions and timelines.
5.3.4 Alternate approaches for resumption of work including remote work, working from other office buildings, etc., shall be identified for the affected teams.
5.3.5 BCP includes emergency, fallback, temporary operational and resumption procedures.
5.3.6 BCP should indicate how service restoration is prioritized.
5.4 Costs Related to Execution of BCP Plans
|
Cost |
Client Pays |
|
Cost to design, administer, test and maintain BCP. |
Nothing |
|
Business Impact assessment and contingency planning |
Nothing |
|
Cost associated with prevention activities |
Nothing |
|
Crisis management costs (during BCP event) |
Nothing |
|
Costs required to facilitate work from a temporary location. This will be established on a client-by-client basis. Options include: 1. Work from an existing Infinit-O facility, if space is available 2. Work from home 3. Work from a non-dedicated space: co-working spaces/public hotspots 4. Work from pre-arranged leased facilities - Cold, Warm or Hot Site 5. Provide service from another practical alternative site or means
|
Pass-thru of Direct incremental costs only. These may include leased space, lodging, transportation, food, internet access, hazard pay, or other enumerated costs
|
5.5 Billing Options
5.5.1 Option 1: Client will be billed monthly for the duration of the crisis
5.5.2 Option 2: BCP monthly billing surcharge of 1% to be added to SOW
5.5.3 Option 3: Separate and distinct BCP SOW for customized BCP plans designed for specific clients (hot site, cold site, time-share in co-working sites)
Note: costs for remote worker lodging, meals, transportation, 25% hazard pay during the Covid-19 crisis was approximately $25 per day per person
5.6 Threat Monitoring – BCP Activation
5.6.1 IO Safety Officer(s) will be monitoring areas by geographic region in the Philippines where natural or man-made threat are posing risk to team members in the said location.
5.6.2 Current and Upcoming threats will be communicated to IO ELT with information on the following:
5.6.2.1 What is the threat? (fire, power outage, electricity outage, network outage or upcoming typhoon.)
5.6.2.2 Location of the Event
5.6.2.3 Accounts that may be impacted.
5.6.3 Upon identification VP CSG may activate BCP plans of respective accounts.
5.6.4 In the absence of a decision of VP CSG, the Senior Operations Manager and / or the Director for Operations can make a decision for accounts to go on BCP.
5.7 Resumption and Recovery Plans for People Assets
5.7.1 ELT is responsible for establishing a clear chain of command starting with the ELT for activation of BCP.
5.7.2 Each IO VP’s in the Philippines (Finance, CSG, People and Transformation) is responsible for planning and execution.
5.7.3 OM’s and departmental managers must ensure the fulfillment of chain of command planning by the VPs.
5.7.4 Each project team shall implement and maintain a basic communication plan for all their team members for emergency response and business continuity. Guidance on what constitutes a basic communication plan shall follow a standard to be developed and issued jointly by ELT and BCT. Confidentiality of team members’ personal contact information for this purpose shall be managed in compliance with the Infinit-O’s Security and Human Resources (HR) policies and practices.
5.7.5 OM’s shall identify the designated front-runners for each project teams and the alternate team members who perform functional responsibilities in the absence of the front-runners. Some team members may be required to work from remote offices or from home.
5.7.6 VP’s and OM’s shall work with HR to develop clear guidance on how team members shall work their time during a crisis. These team members may be directed to suspend their regular duties until the operations are restored at a permanent site or provide alternate direction.
5.8 Resumption and Recovery Plans for Facilities and Office Space
5.8.1 BCP Procedures contain the coordinated strategy involving plans, policies, procedures, and technical measures that enable the recovery of IT systems, operations, and data that is identified as critical. ELT shall also work with other teams that are responsible for development and maintenance of the technology and information that support critical business processes of Infinit-O.
5.8.2 ELT must provide a safe, easily accessible and operational location with adequate resources for the team members to report to and initiate operations during a disruption.
5.8.3 The alternate facility must have a power supply, Internet connection and phone lines to support efficient response during a crisis. The alternate facility must prove adequate office space and alternate communication links with the clients.
5.8.4 BCT shall ensure that the level of security controls at the main site is replicated in the alternate site.
5.8.5 For business restoration and permanent recovery, ELT shall work closely with BCT, IT and Shared Services Teams to coordinate the activities in restoring Infinit-O’s operations and ultimately returning to an original or transferring to a new permanent operating site.
5.9 Resumption and Recovery Plans for IT Systems
5.9.1 Infinit-O’s network architecture and telecommunications shall ensure redundancy and ability to cope with a disruption.
5.9.2 The company policy on Business Continuity Management Program is integrated in IT policies, budget and implementation decisions. IT budget guidelines shall take into account good practices concerning continuity planning and readiness.
5.9.3 For any new application development, BCP should be integrated in all phases of the IT project life cycle that includes Business Requirements, System Architecture, Design, Construction, Testing, Implementation, Maintenance and Retirement.
5.10 Testing
5.10.1 BCP should be tested at least annually to ensure credible recovery preparedness. ELT shall determine the scope, objectives, and measurement criteria of each test on a per event basis. Test results shall be shared with ELT.
5.10.2 The testing schedule and results are found in APPENDIX E of this document.
5.11 Corporate Communication
5.11.1 External communication during a time of crisis is very critical. VP-Client Solutions Group, Directors and Operations Managers are responsible for communicating with their respective clients.
5.11.2 HR shall be responsible for communicating with the Managers and Team Leaders who, in turn, will notify their respective team members.
5.11.3 HR must update the Team member directory quarterly.
5.12 Training
5.12.1 Business Continuity training all members of Infinit-O is essential for effective resumption and recovery of operations.
5.12.2 IO VP’s and OM’s shall ensure people are trained to keep current in business continuity and Infinit-O processes, latest technologies, international standards and regulations that guide the development and enhancements of the BCP.
5.12.3 Account specific testing plans will form part of the onboarding process for new hires and refresher training is to be conducted annually to ensure awareness and understanding of the BCP plan.
5.13 BCP Maintenance and Management Reporting
5.13.1 BCP shall be updated annually or as often as changes require. These changes may include acquisition of new equipment, key processes and systems, key team members and their contact numbers, business strategy, resources, suppliers and top clients.
5.13.2 All major updates should be incorporated as soon as possible and is not held to satisfy a pre-arranged schedule.
5.13.3 BCT shall report the status and progress of BCP during the Quality & Information Security Review Meetings with ELT after every test.
5.14 Policy Compliance
5.14.1 Consistent compliance with this policy is essential to its effectiveness. Infinit- O management and team members are expected to adhere to this policy and to follow it consistently.
5.14.2 BCT shall assess the preparedness of the organization and report to ELT during the Quality & Information Security Review Meetings with ELT every six (6) months or after every test. The assessment includes the qualifications of Infinit-O’s exposure, including but not limited to, the resumption of time-sensitive operations and recovery of project teams.
5.14.3 Periodic internal audit is conducted.
5.15Responsibility
5.15.1 ELT is responsible for the approval of the BCP policy, planning and governance. They are also responsible for provision of sufficient financial resources to address the identified requirements during a crisis.
5.15.2 BCT is responsible for disseminating the appropriate announcements to their subordinates and assist ELT and other admin teams in movement of action plans.
5.15.3 Business Continuity Team (BCT), who is composed of the Infinit-O VPs, OMs, IT and Shared Services Teams have the overall responsibility to create the specific plans to provide leadership and guidance that ensures the appropriate consistency, coordination and compliance among the team heads and team members.
5.15.4 IT Team (IT) is responsible for the security of machines and provision of IT resources during a disruption type that needs relocation. IT Team should ensure that any information unavailability/loss is at an acceptable level.
5.15.5 BCT is responsible for the activation of the BCP upon receipt of notice and approval from ELT. This team provides overall support to affected teams to ensure personnel safety and smooth execution of the BCP.
5.15.6 Infinit-O Safety Officer would be responsible for the following:
Monitor the calamities.
Notify ELT on the status of calamities, events and/or disruptions.
Release pertinent advisory to all VPs, Team Leaders, upon receipt of instructions from ELT.
5.15.7 ELT is responsible for activation of BCP outside the agreed plans with individual clients.
5.15.8 VP-Client Solutions Group
Is responsible for composing the email advisory as well as its release to all clients.
If email is unavailable, call all affected clients.
Operation Managers may assist if there’s time constraint.
5.15.9 F&A Team is responsible for the release of any required funds, when necessary.
5.15.10 SSP Team is in charge of provision of any required resources including the relocation area/s.
5.15.11 The IT Team is responsible for setting up offsite offices and restoration of services in the facilities.
6.0 Frequency
6.1 Testing – annually
6.2 Review – annually
6.3 BCP Activation – Adhoc
7.0 Distribution
7.1 Clients
7.2 BCT
7.3 ELT
8.0 Usage
8.1 Activation of BCP plans will be initiated by the BCT
8.2 Communication will be done via Facebook and Infinit-O Call Tree
Information of each team member is saved in a cloud-based system that allows Infinit-O to activate BCP and send an SMS blast to team member during events that would call for BCP to be activated. As designed for each account members will then be instructed via Facebook, Mobile Communication and SMS as to what the next steps would be.
8.3 Coordination will happen between BCT OM’s and Team Members in accordance with the agreed BCP plans created with each client that is based on the client business impact assessment.
8.4 If the event necessitating BCP is severe and unanticipated Infinit-O may opt to stop operations. This will only be called upon in cases where safety of our employees will be put at risk by continuing operations.
Force Majeure
The obligations of the parties shall be suspended to an extent and for the period that performance is prevented by force majeure. “Force Majeure” means acts of God, laws, regulations or orders of any government or governmental entities, judgments or orders of any court of competent jurisdiction, acts of war or conditions arising out of or attributable to war, whether declared or undeclared, riots, terrorism or other criminal activity, insurrections or rebellions, fire, explosions, earthquake, storm, flood, volcanic eruption, drought or other severe and unusual adverse weather conditions; accidents; or any other cause similar to the foregoing.
9.0 Events
9.1 Historical Events on Appendix B
9.2 Generic Plans per BCP event is detailed on Appendix C
APPENDIX A
Business Impact Analysis Template
Business Impact Analysis (BIA) and Risk Assessment Data Gathering Worksheet
Background
|
Department Name |
|
|
Department Owner (Director/Manager) |
|
|
Products and Services Directly or Indirectly Delivered by This Department |
P&S #1 P&S #2 P&S #3 P&S #4 P&S #5 |
Department Overview
The following table captures key department characteristics that may influence the assignment of recovery objectives and the selection of recovery strategies.
|
Department Narrative Description |
|
|
Customers and Outputs (Internal or External) |
|
|
Peak Operating Periods or Seasonality |
· |
Impact Analysis and Recovery Requirements
The following table describes each department’s activity and the possible impact should it fail to operate.
|
Activity |
Description |
Impact of Downtime (Over Time) |
Proposed RTO (hours/days) |
|
|
|
|
Financial: |
|
|
|
Regulatory, Legal and/or Contractual: |
|
|||
|
Reputational: |
|
|||
|
Operational: |
|
|||
|
Health/Safety: |
|
|||
|
|
|
Financial: |
|
|
|
Regulatory, Legal and/or Contractual: |
|
|||
|
Reputational: |
|
|||
|
Operational: |
|
|||
|
Health/Safety: |
|
|||
|
|
|
Financial: |
|
|
|
Regulatory, Legal and/or Contractual: |
|
|||
|
Reputational: |
|
|||
|
Operational: |
|
|||
|
Health/Safety: |
|
|||
Critical Records
The following table summarizes the various informational needs necessary to operate – both electronic and hard-copy.
|
Record / Data Name |
Description |
Location |
Backed Up? |
Offsite (if yes, list location) |
|
|
|
|
Yes No Partial |
|
|
|
|
|
|
|
|
|
|
|
|
|
Key Threats, Vulnerabilities and Risk Treatment Options
The section of the BIA data gathering worksheet is used to “link” the department’s inputs to current-state business continuity risk mitigation efforts (controls), summarize alternate procedures and manual workarounds, estimate impact and likelihood of failure, and identify other possible risk treatments.
Loss of Key Roles/Personnel
The following table summarizes key roles and/or personnel in order to understand their importance and potential impact on department.
|
Role |
Description (Responsibilities and Activity) |
Existing Controls |
Impact of Loss Described |
Risk Treatment Options |
||
|
|
|
|
|
Catastrophic Major Moderate Minor |
Certain Probable Possible Unlikely |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Loss of Key Facility or Equipment
The following table summarizes the facilities used and equipment needed for the operation of this department.
|
Facility / Equipment |
Description of Use |
Existing Controls, Recovery Strategies Alternate Procedures |
Impact of Loss Described |
Risk Treatment Options (Alternate Sites, Contingent Sourcing, etc.) |
||
|
|
|
|
|
Catastrophic Major Moderate Minor |
Certain Probable Possible Unlikely |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Loss of Key Technology
The following table summarizes the key technology (i.e. systems and applications) necessary for the operation of this department.
|
Technology Name |
Technology Source (IT, 3rd Party, etc.) |
Description of Use |
Existing Controls or Manual Work Arounds |
Impact of Loss Described |
Requested RTO (hours) |
Requested Data Loss Tolerance (hours) |
Risk Treatment Options |
||
|
|
|
|
|
|
Catastrophic Major Moderate Minor |
Certain Probable Possible Unlikely |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Loss of Key Supplies/Vendors
The following
table summarizes the key supplies or services provided to the department that
are necessary to maintain operations.
|
Supply or Service |
Source(s) |
Description of Use |
Existing Controls |
Impact of Loss Described |
Risk Treatment Options |
||
|
|
|
|
|
|
Catastrophic Major Moderate Minor |
Certain Probable Possible Unlikely |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Recovery
Requirements
The following tables summarize various resource requirements and when they are needed following the onset of a disruptive event.
Staffing Resource Requirements
The following table summarizes the quantities, work-from-home capabilities and recovery requirements for those key roles identified above.
|
Role |
Normal Level |
Current Location |
Work From Home* |
< Day 1 |
Day 1 |
Day 2 |
Day 3 |
Day 4 |
Day 5 |
Week 2 |
Week 3 |
Week 4 |
Total (needed by role for recovery) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Equipment/Supply Requirements
The following table summarized the quantities, offsite availability and recovery requirements for the key equipment and supplies identified above.
|
Resource |
Normal Level |
Currently Available Off-Site? |
< Day 1 |
Day 1 |
Day 2 |
Day 3 |
Day 4 |
Day 5 |
Week 2 |
Week 3 |
Week 4 |
Total |
|
|
|
Yes No |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Ratings Definitions
Estimated Likelihood
|
Rating Name |
Description |
|
Certain: More than one failure per year |
Failure is almost inevitable more than once annually. |
|
Probable: Failure once every 1 or 2 years |
This process or similar processes have often failed at least once over a two year period. |
|
Possible: Failure once every 3 to 5 years |
This process or similar processes have experienced occasional failures, but not in major proportions (no more than every three to five years). |
|
Unlikely: Failure once every 6 years or more |
Isolated failures associated with similar processes, often occurring once every six or more years. |
Probable Impact
|
Rating Name |
Description |
|
Catastrophic |
Failure affects safety or involves noncompliance with customer or regulatory requirements. May endanger personnel. Most likely will result in serious disruption to customer operations and / or other operational, financial or reputation issues. |
|
Major |
High degree of customer dissatisfaction due to the nature of the failure. Failure does not involve safety or government regulation. May result in serious disruption to customer-facing operations and / or other operational, financial or reputation issues. |
|
Moderate |
Failure causes some customer dissatisfaction which may include discomfort or annoyance. Customer will notice performance issues and deterioration. The event may result in product or service delivery delay. |
|
Minor |
Due to the nature of this failure, the customer experiences only slight annoyance. Customer will probably notice slight deterioration of the process or system performance or a slight inconvenience with a subsequent process, i.e. minor rework. |
APPENDIX B
Historical Events
APPENDIX C Event Specific Procedures
1. No Internet Connection (May be a result of the following: Fire, Typhoon, Flooding or Earthquake)
1.1. Localized
1.1.1. Low Impact (<10% of the members of the account)
1.1.1.1. Inform IT to ensure proper network security monitoring can be implemented.
1.1.1.2. Mobilize team members to access internet from a nearby location (internet café, starbucks, or a friend or relatives’ residence.
1.1.2. Moderate Impact (>10% up to 50% of the account)
1.1.2.1. OM and IT to determine actions based on agreed BCP plan.
1.1.2.2. Mobilize team members to access internet from a nearby location (internet café, starbucks, or a friend or relatives’ residence.
1.1.2.3. If nearby location is not available OM can consider having member report to the office facility.
1.2. City Wide
1.2.1. Low Impact (<10% of the members of the account)
1.2.1.1. Inform IT to ensure proper network security monitoring can be implemented.
1.2.1.2. Mobilize team members to access internet from a nearby location (internet café, starbucks, or a friend or relatives’ residence.
1.2.2. Moderate Impact (>10% up to 50% of the account)
1.2.2.1. OM and IT to determine actions based on agreed BCP plan.
1.2.2.2. Mobilize team members to access internet from a nearby location (internet café, starbucks, or a friend or relatives’ residence.
1.2.2.3. If nearby location is not available OM can consider having member report to the office facility.
1.2.3. High Impact
1.2.3.1. OM to coordinate with SSP and work to bring the team to the office.
1.3. Region
1.3.1. Action will be dependent on the agreed BCP plan, at this point we may only be able to operate account with Hot Site Plans (E.g. Regus)
2. Power Failure (May be a result of the following: Fire, Typhoon, Flooding or Earthquake)
2.1. Localized
2.1.1. Mobilize team members to nearby locations with generators (internet café, starbucks, hotel lobby or relatives’ residence).
2.2. City Wide
2.2.1. Low Impact (<10% of the members of the account)
2.2.1.1. Inform IT to ensure proper network security monitoring can be implemented.
2.2.1.2. Mobilize team members to access internet from a nearby location (internet café, starbucks, or a friend or relatives’ residence.
2.2.2. Moderate Impact (>10% up to 50% of the account)
2.2.2.1. OM and IT to determine actions based on agreed BCP plan.
2.2.2.2. Mobilize team members to access internet from a nearby location (internet café, starbucks, or a friend or relatives’ residence.
2.2.2.3. If nearby location is not available OM can consider having member report to the office facility.
2.2.3. High Impact
2.2.3.1. OM to coordinate with SSP and work to bring the team to the office.
2.3. Region
2.3.1. Action will be dependent on the agreed BCP plan, at this point we may only be able to operate account with Hot Site Plans (E.g. Regus)
3. Security Attacks against Infinit-O Systems
3.1. Attacks against cloud based
3.1.1. IT will be use the latest imaged backup to restore services.
3.2. If attacks target Infinit-O application
3.2.1. Code back up will be used to restore Infinit-O applications back into operation along with information back up.
Appendix D Definitions
Site Definitions
Cold Sites: Cold sites are mere empty operational spaces with basic facilities like raised floors, air conditioning, power and communication lines etc. On occurring of an incident and if the operations can do with a little down time, alternate facilities are brought to and set up in the cold site to resume operations. A cold site is the least expensive type of backup site for an organization to operate. It does not include backed up copies of data and information from the original location of the organization, nor does it include hardware already set up. The lack of provisioned hardware contributes to the minimal start-up costs of the cold site, but requires additional time following the disaster to have the operation running at a capacity close to that prior to the disaster. In some cases, a cold site may have equipment available, but it is not operational.
Warm Sites: A warm site is a compromise between hot and cold. These sites will have hardware and connectivity already established, though on a smaller scale than the original production site or even a hot site. Warm sites might have backups on hand, but they may not be complete and may be between several days and a week old. The recovery will be delayed while backup tapes are delivered to the warm site, or network connectivity is established, and data is recovered from a remote backup site.
Hot Sites: A hot site is a duplicate of the original site of the organization, with full computer systems as well as near-complete backups of user data. Real time synchronization between the two sites may be used to completely mirror the data environment of the original site using wide area network links and specialized software. Following a disruption to the original site, the hot site exists so that the organization can relocate with minimal losses to normal operations in the shortest recovery time. Ideally, a hot site will be up and running within a matter of hours. Personnel may have to be moved to the hot site, but it is possible that the hot site may be operational from a data processing perspective before staff has relocated. The capacity of the hot site may or may not match the capacity of the original site depending on the organization's requirements. This type of backup site is the most expensive to operate. Hot sites are popular with organizations that operate real time processes such as financial institutions, government agencies and eCommerce providers. The most important feature offered from a hot site is that the production environment(s) is running concurrently with the main datacenter. This syncing allows for minimal impact and downtime to business operations. In the event of a significant outage event, the hot site can take the place of the impacted site immediately.
Appendix E Testing and Results
Related Articles
CPP-Infinit-O_IO Privacy Manual
Privacy Manual BACKGROUND The surge in technological advancement and the growing concerns to individual privacy in the online world of computer networks, including the internet, paved way for Republic Act No. 10173, otherwise known as the Data ...CPP-Infinit-O_0001_COD_V4
Objective To ensure that company and project-related records are accessible, easily retrieved, and disposed of once the retention period is reached. This policy is also intended to help team members determine what information can be disclosed to ...CPP-Infinit-O_0003_V1 NPS
Objective To determine Client’s loyalty and perception toward Infinit-O’s services. Scope This procedure covers the review of Infinit-O’s performance on Project Management, Service Quality and Overall Service and implementation of necessary action ...CPP-Infinit-O-0002_Control Of Records_V4
Objective To ensure that company and project-related records are accessible, easily retrieved, and disposed of once the retention period is reached. This policy is also intended to help team members determine what information can be disclosed to ...CPP-CPL-0201_Compliance Program
Company Policy & Procedure Compliance Program Ref. No.: CPP-COM-0201 Version 2 Page 1 of 13 Prepared by J. Presbitero 03/ 06/2023 Approved by M. Malonzo Filename CPP-CPL-0201_Compliance Program Version Prepared by: Approved by Changes Approval Date ...