Smart Applications Group

Business Continuity

Business Continuity Management System Policy Statement

Purpose

This policy statement defines the framework for the organization to respond to internal and external threats and ensures the organization’s preparedness, resilience and ability to continue delivering its mandate when such threats occur and demonstrates management commitment and support for business continuity management system throughout Smart Applications.

This policy is the primary policy from which all business continuity related policies emanate.

Scope

This policy is applicable to all Smart Applications personnel, contractors, vendors and other parties, and covers all information entrusted to or owned by Smart Applications and stored, processed, or transmitted on the organizations information systems and operated by the organization.

Business Continuity Objectives

Objective 1 – Ensure the safety and welfare of Smart Applications staff and visitors who are within its premises at the time of an incident

Objective 2 – Comply with the Smart Applications requirements, contractual, regulatory and legal requirement

Objective 3 – Preserve the ability to meet stakeholder expectations in a wide range of circumstances, including meeting 3rd party arrangements

Objective 4 – Provide for an orderly and expedited recovery after a disruptive event.

Business Continuity Management System Policy

Smart Applications is committed to the confidentiality, integrity and availability of her information assets and shall implement measures through the establishment.

Smart Applications is committed to continual improvement of her business continuity program to protect the organization’s information assets against all threats and disruptions.

Smart Applications is also committed to complying with all applicable legal, regulatory and contractual requirements related to business continuity in her services and operations.

All users and custodians of information assets owned by or entrusted to Smart Applications shall comply with this policy and exercise a duty of care in relation to the storage, processing, and transmission of the organization’s information and information systems.