Doxim Business Continuity Planning For Our Customers
Doxim is committed at all levels to delivering the products and services our customers have come to rely on each and every day to support their critical business operation. Doxim maintains business continuity plans with our staff and our partners to enable critical functions to continue to deliver key services in the event of minor or major incidents, disruptive events and crisis situations.
We believe proactive behaviour is key in identifying threats and prioritizing risk mitigation on a regular basis. Disruption to Doxim’s business operations can come from any type of “event”; man-made or natural, without warning. By placing a priority on business continuity planning, any impacts to our employees, our customers & partners or our ongoing operations will be minimized.
Business Continuity planning at Doxim is aligned with ISO industry standards and is part of our SOC certifications in all facilities.
Doxim’s Business Continuity Plan
Doxim actively maintains a Business Continuity Plan to ensure the stability of all operations following a potential disruption or catastrophic event, such as a natural disaster, pandemic, cyber attack, or other similar events within the supply chain. The plans within the BCP define objectives, dependencies and steps to execute to limit the impact from the loss of key service and product delivery.
Our BCP and Response Team is monitored by Doxim’s Senior Leadership Team to ensure the correctness of our continuity plans.
The five major considerations of our BCP includes:
- Risk assessments are performed with the Senior Leadership Management team, to decide which facilities and functions are to be analyzed in terms of their relative vulnerability and potential impact of disruptions.
- Business Impact Analysis, are performed for each facility and major business function, beginning with the higher-risk entities. In a BIA, all major buildings, equipment, processes, human resources, suppliers and IT systems are identified, rated based on their criticality in achieving operational objectives, and an estimated time to recover is determined.
- Business Continuity Processes, which specifies the procedures for business recovery, support team roles and responsibilities, communication routes and the locations of the Disaster Recovery Plans (DRPs).
- Disaster Recovery Plans are created at the facility level to uniquely specify detailed recovery activities.
- Exercising the BCP, simulation exercise drills are performed with involvement from both site leaders and senior business leaders, seeking improvement opportunities for the organization’s preparedness.
The results and priorities of the Business Continuity Plan process and improvement activities are reviewed regularly by the BCP Management Team comprised of cross-departmental key stakeholders and Doxim senior leadership.
Communication for our Stakeholders
Regardless of the incident, Doxim is available, please email [email protected] to ask a question or raise a concern.
For a detailed response to Business Continuity matters please email:
Doxim Information Security Department [email protected]
Doxim’s BCP Management Team has an objective to keep the organization informed on response and recovery activities:
• Employee Safety & Communications
• Services Fulfillment and Customer Support
• Critical Vendors & Supply Chain
• Business Systems Support including Remote Worker Readiness
• Infection Control Readiness
• Human Resources to provide employee support
All of Doxim’s facilities are governed to support:
- Emergency Response, First aid, Safety and Evacuation plans
- Physical Security requirements at all facilities
- “Skeleton” Crew operations (essential staff)
- High Availability Network Architecture
- Network infrastructure and cyber security including data privacy and backup policies
- Customer service toolset
- Internal and external communication methods
- Asset inventories and Insurance policies
Roles and Responsibilities
During an Initiated BCP
Doxim’s Business Continuity Plan is the responsibility of the Information Security and Compliance team and is supported by members of the BCP Management Team. This team is responsible for the ongoing updates to the BCP such as the communication plan, organization charts and process and procedures. This team performs duties during BCP drills and actual trigger events and represent the Doxim organization by seeing recovery and restoration actions through to completion.
The BCP is championed by the Chief Information Officer and Chief Security Officer within the Senior Leadership Management Team, who offer business direction, resourcing and objectives to ensure the BCP arrangements are in alignment and meet corporate goals.
Doxim employees are trained in general BCP awareness. Detailed specific continued operations training is identified and issued to those who require it.
BCMS Documented Process
The BCMS documentation set is updated, at least annually and includes:
Plan Table of Contents
- Purpose, Scope, Goals, Objectives, & Assumptions
- Policy & Responsibilities
- Plan Development Processes & Procedures
- Plan Implementation, Testing & Maintenance
- Plan Invocation – Declare a Business Disaster
- Meet up Location & Facilities
- Command & Control Centre
- Communications – Internal & External
- Departmental Business Continuity Plans for business-critical functions
Through business continuity planning, Doxim exercises the necessary operational and organizational controls to improve the business’s resilience. Our approach to risk management and proactive development of the necessary plans and procedures supports Doxim’s commitment to meeting the expectations of our customers in an increasingly risk-conscious environment.