Back Custom print Link Text Only Rich Text Print

  • Business continuity arrangements

    • Governance arrangements and internal control mechanisms

      • AU-4.7.4

        The applicant should provide a description of the business continuity arrangements consisting of the following information:

        (a) a business impact analysis, including the business processes and recovery objectives, such as recovery time objectives, recovery point objectives and protected assets;
        (b) the identification of the back-up site, access to IT infrastructure, and the key software and data to recover from a disaster or disruption;
        (c) an explanation of how the applicant will deal with significant continuity events and disruptions, such as the failure of key systems; the loss of key data; the inaccessibility of the premises; and the loss of key persons;
        (d) the frequency with which the applicant intends to test the business continuity and disaster recovery plans, including how the results of the testing will be recorded.
        Added: December 2018