...
When an incident turns into an event like a disaster, breach, or something which classifies it as a Severity 1
When the estimated time of resolution for a potential breach is greater than the normal estimated time for regular security incidents
When the recovery of an incident is uncertain, a decision must be made to invoke the business continuity plan if the disruption cannot be resolved within the specified incident recovery timelines
When the resolution of an incident with critical customers, depending on their service-level agreements is delayed, then the BC plan must be triggered
...
During the normal course of our business, we’ve managed client-specific escalations through our Helpdesk portal which has Service Level Agreements commitments. We’ve maintained zero SLA violations for the last 2 years. Further, any service degradation was restored within the stated SLAs by our vendors.
BCP for Remote Workers
In the case of an all-remote company like Axelerant, it is sufficient to have simple contingency plans in the form of service-level agreements with companies that host our data and services. The advantage of an all-remote workforce like Axelerant is that if there are clusters of people or systems that are unavailable, the rest of the company will continue to operate normally.
Data Continuity Plan
Axelerant uses all third-party SaaS platforms and there’s no infrastructure of its own to manage. The specifics tools and associated subscriptions are cataloged here Tools & Subscriptions. These platform's business continuity has been reviewed prior to adoption. The only business risk known is the degradation of service but no data loss is expected.
Vendor Communication and Service Restoration Plan
All vendors and service provider's support contact details are readily available and logged alongside each of the above subscriptions. Should a disruption of any kind we are able to escalate immediately and get an update on the time frame for service restoration.
Communication Plan and Role Assignments
All our services availability is being monitored proactively by UptimeRobot and escalations managed via https://www.atlassian.com/software/opsgenie. Any disruptions are reported transparently organization-wide via slack, email, and phone.
...
We’ve a decentralised leadership with 9 directors managing separate areas of the business. We have 2 CXOs who operate from different parts of the world and have equal business know-how and legal rights to act on each others' behalf.
References
...