Business Security Officer

Job Description

About the role

To meet the requirements of our policies and the audit recommendations we need the following activities to be in place and performed on a regular basis (most often annually).
– Maintain a Business Continuity and a Crisis Management policy
– Maintain a list of critical activities and assets in Orange Business Cloud
– Using the business impact assessment methodology to identify the critical activities and critical assets within the organisation. Should these activities/assets fail the impact to the business would be significant.
– for all critical activities, define and implement missing Business Continuity Plans
– Ensuring that if there is a crisis impacting these activities then we have a backup plan to recover them while the crisis is being managed, thereby reducing impact to the business.
– for all critical assets, define and implement missing Disaster Recovery Plans
– Ensuring that if there is a crisis impacting these assets then we have a backup plan to recover them while the crisis is being managed, thereby reducing impact to the business.
– Data backup. Ensure that entities with IT responsibility have a data backup strategy defined and implemented and that data backups are monitored and ability to restore tested.
– Test regularly our Business Continuity Plans and Disaster Recovery Plans
– According to our policy our plans needed to be tested at least annually or if there is a significant change to the business. A test report is required outlining the purpose of the test, its success rating, and any associated improvement plans.
– Develop awareness and readiness of Orange Business Cloud staff for crisis and Business Continuity situations through an active BCCM community, regular communications, executive reporting, crisis simulations and training programs With these actions in place Orange Business Cloud will be prepared to respond to and manage any future crisis events and be confident that our business continuity and disaster recovery plans will minimise the impact of any such crisis thereby protecting our people, our business, and the business of our customers.