-
- About Compliance, Governance and Risk
- Insurance, Audit and Risk
- Legal and Contracts
- Research Ethics and Governance
- Student Cases and Conduct
- Prevent
- Committee Secretariat
- Information Governance
- Safeguarding
- Health and Safety
Exercising
Best practice recommends that incident response and business continuity plans are periodically validated through well planned exercises and outcomes captured to further enhance resilience. A risk based approach is used to identify exercise priorities at an institutional level, including an annual exercise programme for the Incident Response Team (Gold) and Estate Patrol. Ad hoc exercises are also used to prepare for specific types of disruption that are considered high risk.
Business Continuity Plan Owners are encouraged to exercise plans at least tri-annually, regardless of the perceived level of risk. A variety of self-service exercises have been developed by the Insurance, Audit and Risk Team for this purpose. The guidance document, containing links to the exercise resources, is available here: Exercise Guidance.
If you require the Insurance, Audit & Risk Team to facilitate a more complex exercise, please complete an Exercise Request Form and send it to buscont@exeter.ac.uk.
Reviewing
All incident response and business continuity plans are reviewed annually by the Plan Owner. The Insurance, Audit and Risk Team provide advance notice that the annual review is due. A review checklist is completed as part of the process, to help Plan Owners consider any changes that are required:
- Checklist for the full BIA and BCP templates: BCP Annual Review Chcklist
- Checklist for the Quick Start BIA and Abbreviated Business Continuity Plan templates: QS BC Annual Review Checklist
Reviewers may also find it helpful to use the navigation pane to quickly reach individual sections of the documents. A document containing Navigation Pane Instructions has been developed to guide you through this.