The purpose of this document is to define how Resolver will ensure that all conditions for the resumption of business activities in the case of a disaster or other disruptive incidents are met. It forms the basis for preparing the Business Continuity Plan and recovery plans.
This document is applied to the entire BCMS scope as defined in the Business Continuity Management Policy.
Users of this document are members of top management and persons implementing the business continuity management project.
BC Coordinator is responsible for coordinating the creation of a BCP plan by BC team leads, ensuring the plan is updated in a regular base and enacting the plan in case of a crisis event.
The Business Impact Analysis established that 14 activities support key products and services – please see Appendix 1 for a list of such activities.
The maximum tolerable period of disruption (maximum acceptable outage) for each activity has been determined in the Business Impact Analysis Questionnaire – please see Appendix 2.
Appendix 3 determines recovery time objectives for each activity, taking into account dependencies on other activities.
Assessment of risks that could affect business continuity is described in the Risk Assessment report. The highest risks which could lead to a disruptive incident, i.e., business disruption identified during risk assessment are the following:
For all the mentioned risks/incidents it is necessary:
If business continuity plans are activated, a working body called a Crisis Management Team is formed, which is authorized to make any decisions to resolve the situation. Members of the Crisis Management Team are:
The Crisis Management Team is managed by the Crisis Manager/ BC Coordinator. VP of Finance will perform the function of Crisis Manager, and in the case of his/her absence, the function will be performed by the President / CISO and so on according to the Crisis Management Team structure and decision.
The Crisis Management Team manages the disruptive incident from a facility called the Command Centre, the location of which is specified in item 5.1 of this Strategy.
The Crisis Management Support Team has the function of relieving the Crisis Management Team from administrative and other operational activities, in order to focus on managing the disruptive incident.
Members of the Crisis Management Support Team are:
The Crisis Management Support Team shall work on locations specified by the Crisis Management Team.
To serve the Crisis Management Team and Crisis Management Support Team the Command Centre must be equipped as follows:
Name of resource | Description | Amount | When the resource is necessary |
Applications / databases: | |||
Box | immediately | ||
Office 365 | immediately | ||
RingCentral | immediately | ||
ZenDesk | within 2 hours | ||
Jira | within 2 hours | ||
Data stored in electronic form: | |||
Business Continuity Strategy and plans for all activities | within 2 hours | ||
Data stored on paper: | |||
Business Continuity Strategy and plans for all activities | immediately | ||
IT and communications equipment: | |||
Workstations | within 2 hours | ||
Telephones RingCentral | immediately | ||
Mobile phones | immediately | ||
Communication channels: | |||
Internet access | immediately | ||
Telephone: RingCentral | immediately | ||
Slack | immediately | ||
e-mail service (Office 365) | immediately | ||
Zoom or equivalent alternative; Teams, WebEx | within 2 hours | ||
Facilities and infrastructure: | |||
Computer network | within 2 hours | ||
Furniture | immediately | ||
External services: | |||
Electricity | immediately | ||
HVAC | within 2 hours |
[27A1] [27A1]Depending on the number of members in the Crisis Management Team and if necessary in the Crisis Management Support Team.
BC Manager is responsible for preparing the Crisis Management Team and the Crisis Management Support Team for their role during a disruptive incident. BC Manager is responsible for equipping the Command Centre.
Incidents are reported in the following way:
If the persons mentioned are unable to resolve the incident, they must inform the Crisis Manager who decides whether to activate recovery plans.
Authorizations for making decisions are the following:
Type of decision | Who is authorized |
How small incidents related to IT and communications technology are resolved | Employees in the IT Department |
How all other small incidents are resolved | BC Manager |
Making a decision about activating recovery plans | Crisis Manager |
Implementing all tasks necessary for the recovery of individual activities | Recovery Manager for individual activities |
Selecting information to be provided to the public media during a disruptive incident | PR Manager |
Purchases during the disruptive incident – up to $100,000 | BC Co-ordinator or delegate |
Purchases during the disruptive incident – over $100,000 | VP of Finance or President |
IT team is allowed to make an urgent purchase beyond their spend and without getting C-level approval up to $100k in ONLY the following circumstances: · Appropriate C-Level management team members can’t be reached due to outage and · In order to restore critical systems which may affect company: o to suffer significant penalties o reputational damage which may possibly lead to full business disruption | Information Systems Director |
BC Manager is responsible for preparing employees in Resolver Inc. to recognize and react to incidents related to IT and communications technology BC Manager is responsible for preparing employees in Resolver Inc. to handle other incidents.
The following persons are in charge of coordination with state authorities and emergency services:
Authority | Who is in charge |
Police | BC Manager |
Ambulance | BC Manager |
Fire service | BC Manager |
The mentioned persons must implement all preliminary activities to ensure interoperability with authorities during a disruptive incident is at a satisfactory level. Preliminary activities may include obtaining instruction from authorities regarding the type of information required in the case of a disruptive incident and how the organization is expected to react.
Each building is evacuated as specified in the building evacuation plan in the case of fire.
After evacuating the building, employees must gather at the following assembly points:
Location | Assembly Point 1 | Assembly Point 2 |
111 Peter Street, Suite 804, Toronto, | North-East corner of Peter and Richmond | |
1200-10025 102A Avenue, Suite 1200, Edmonton | In front of the building at the main entrance | |
Unit 6, Level 1, 112 High Street, Rangiora | In front of the building at the main entrance | |
707 Virginia Street East, Suite 1000, Charleston | In front of the building at the main entrance | |
9th Floor, My Home Twitza Plot No 30/A, Survey No 83/1 TSIIC – Hyderabad Knowledge City, Hyderabad | In front of the building at the main entrance |
The business Continuity Coordinator is responsible for preparing and maintaining evacuation plans in the case of fire.
The following means of communication will be used in the case of a disruptive incident – those at the top of the list are to be used first, those near the bottom are used only if the former is out of order:
The Information Systems Director is responsible for acquiring/preparing and, when necessary, maintaining the mentioned means of communication to ensure they are available during a disruptive incident.
Employees of the organization will be transported from the primary to the alternative site in the following ways:
Activity | Means of transport |
Crisis Management Team and Crisis Management Support Team | using public transportation, on foot, by private car, by business car; by rented bus; |
All the other activities | Public transportation |
The business Continuity Coordinator is responsible for providing for all means of transportation.
Resolver will handle relations with interested parties by designating persons to communicate with them in the case of the disruptive incident by the following means of communication:
[Telephone] | [Meetings] | [E-mail] | [Press Conference] | [Public Media] | |
[Employees] | HR team | VP of Talent and Culture | VP of Talent and | N/A | N/A |
[Owners /shareholders] | President and VP of Finance | President, VP of Finance, and CISO | President and VP of Finance | President | President |
[Employees’ relatives] | HR Team | VP of Talent and Culture with President with CISO | VP of Talent and Culture | N/A | N/A |
[Clients] | Account Managers (Smaller Clients) after consulting with Director, Legal | CISO or/and President for the larger clients in collaboration with Director, Legal | President in collaboration with Director, Legal | CMO, President, CISO, and Director, Legal | CMO, President, CISO, and Director, Legal |
[Public media] | CMO in collaboration with Director, Legal | CMO in collaboration with Director, Legal | CMO in collaboration with Director, Legal | CMO, President, CISO, and Director, Legal | CMO, President, CISO, and Director, Legal |
[Associations] | Marketing team | CMO | CMO | ||
[Emergency services] | Operations Coordinator in Legal | President, VP of Finance, CISO, and Director, Legal | CISO in collaboration with Director, Legal | CMO, President, CISO, and Director, Legal | CMO, President, CISO, and Director, Legal |
[various state authorities] | Operations Coordinator in Legal | CMO, President, VP of Finance, CISO, and Director, Legal | CMO in collaboration with Director, Legal | CMO, President, CISO, and Director, Legal | CMO, President, CISO, and Director, Legal |
PR Manager is responsible for preparing all the above-mentioned persons for communicating during the disruptive incident.
PR Manager is responsible for preparing templates for the media statements, which would cover all disruptive incidents related to the above-mentioned highest risks.
Resolver’s General approach for resource strategy
Recovery sites of Resolver are the following:
Name | Primary site | Alternative Site Strategy | Min. number of workplaces | Equipment* | Alternative site – close | Alternative site – remote |
Command Centre | 111 Peter St. Toronto | Working at home or some other remote location. Command Center activities do not require access to company physical facilities. All critical documentation is available online through Share BOX folders or Microsoft OneDrive or stored locally on the Crisis Management Team member computers | All Resolver employees are provided with mobile workstations | N/A | Edmonton | |
Legal Department | 111 Peter St. Toronto | Working from Home | 2 | Same as above | N/A | N/A |
IT Department | 111 Peter St. Toronto | Rent Disaster recovery center from a specialized organization | 7 | Same as above | ||
*Terms used in this column have the following meaning:
Relations with suppliers and outsourcing partners must be managed in the following way:
Name of supplier/outsourcing partner | Strategy |
[a) services are contracted from several suppliers or outsourcing partners simultaneously – if one partner is unavailable, the services of another can be used) | |
b) obliging the suppliers/outsourcing partners by contract to deliver the product or service regardless of the disruptive incident and define penalties (in this way suppliers/outsourcing partners are obliged to introduce business continuity, and transferring a part of the financial risk to them) | |
c) alternative suppliers or outsourcing partners should be defined (in this way the transfer of business can be prepared, although the business relationship does not start until a disruptive incident occurs) | |
d) return of activities back to the organization (preparing the organization to take over activities that have been outsourced)] | |
Telcom (Internet provider) | |
IT Maintenance |
Information Systems Director is responsible for managing relations with suppliers and outsourcing partners to ensure interoperability during a disruptive incident is at a satisfactory level.
All the necessary applications and databases will be installed at the alternative site if they are required within 24 hours from the disruptive incident; for those applications and databases which are not required within 24 hours, the installation media will be stored at the alternative site.
Information Systems Director is responsible for application/database installation and/or for the preparation of installation media.
Backup copies of data shared by several activities must be made at the following intervals:
Name of the application, database, folder, document: | Frequency of creating backup copies | Backup procedure |
[a) applications/databases – automated server-based backup procedure; b) electronic documents – storage in intranet folders for which backup copies are created automatically; c) paper documents – receiving all fax documents by electronic means, or scanning the documents, or copying them and storing at two separate locations] | ||
Office 365 | Every 12 hours | Automated |
Zendesk | Every 12 hours | Automated |
BambooHR | Every 12 hours | Automated |
Salesforce | Every 12 hours | Automated |
Intacct | Every 12 hours | Automated |
Note: the frequency for creating backup copies of data used only by a single activity is defined in the strategy for the said activity.
IT Department is responsible for creating backup copies of the above-mentioned data
The following strategies are used to avoid a single point of failure that can cause a disruption of an activity:
Single point of failure | The activity where it occurs | Avoidance Strategy |
System administrators | IT Department | Write process descriptions, Internal Articles, Knowledge Base. |
CISO is responsible for implementing the single point of failure avoidance strategy.
The resolver needs to maintain a cash balance of $1.5 M CAD for ongoing working capital activities.
In the case of a disruptive incident, financial resources will be provided in the following way:
(a) Loan from parent entity Kroll.
VP of Finance is responsible for making all necessary arrangements concerning the provision of financial resources.
The recovery strategy for individual activities is defined in Appendices 6 to [number] to this Strategy.
The person specified as the Recovery Manager for an individual activity is responsible for writing Recovery Plans for this activity. BC Manager is responsible for preparing all resources necessary for individual activities.
Appendix 5 lists all necessary preparations for the implementation of this Strategy. BC Manager must define necessary financial and other resources, and set deadlines for the implementation of each preparation; BC Manager is in charge of monitoring coordination and execution of all preparatory actions, as well as of reporting about their implementation.
Record name | Storage location | The person responsible for the storage | Control for record protection | Retention time |
Business Continuity Plan (in electronic form) | The computer of BC Manager and shared box folder | BC Coordinator | Only Top Management and BC Managers have the right to make entries and changes to Plan data. | The Plan is stored for a period of 3 years |
This document is valid as of August 2023.
The owner of this document is BC Manager, who must check and if necessary update the document at least once a year.
When evaluating the effectiveness and adequacy of this document, the following criteria need to be considered:
EFFECTIVE ON: August 2023
REVIEW CYCLE: Annual at least and as needed