Disaster Recovery Policy & Procedures An Overview for Staff Prepared by MSM Compliance Services Pty Ltd

Who Are MSM Compliance? MSM is a national professional services business focused on the general insurance industry. Your company has engaged MSM to assist in the management of its obligations as a holder of an Australian Financial Services Licence. MSM helps to ensure that you and your company comply with your AFS Licence obligations with the least disruption to your core business.

Why Are You Reading This? To provide you with an introduction to our Disaster Recovery Policy and Procedures. It will present you with a synopsis, but not the detail. You should still take the time to read the full Disaster Recovery Policy & Procedures.

Why Do We Have Disaster Recovery Procedures? Every day there is the potential for a disaster to disrupt our business and IT resources. These Policy and Procedures are designed to minimise the impact of any such disaster. It is a requirement for all businesses that are licensed under the Corporations Act to maintain a formal and documented approach to Disaster Recovery.

Who Is Responsible For Disaster Recovery? The Responsible Manager(s) is ultimately responsible for the implementation and effectiveness of these Policy and Procedures. The Disaster Recovery Co-ordinator is responsible the effective implementation and operation of Disaster Recovery Procedures . All staff and Authorised Representatives must be familiar with and comply with this Policy and Procedure. Additionally all staff are encouraged to look for improvements to our procedures.

Who Is The Disaster Recovery Co-Ordinator (DRC)? The DRC is designated on our Organisation Chart by the code DRC. Roles and responsibilities of the DRC include; Maintain the effectiveness of our disaster recovery procedures Test and validate the assumptions relied upon in the procedures. Monitoring changes in the work and external environment that might impact on our Disaster Recovery Procedures. Review and assess these Policy and Procedures on an annual basis to ensure that they will meet our requirements in the event of a Disaster. Review and update the Disaster Recovery Checklist on an annual basis. Ensure sufficient Business Interruption and Property insurance is maintained. Work with our Responsible Manager(s) to make critical business decisions throughout the period that the company is recovering from a disaster.

Disaster Recovery Planning Risk Management Procedures are utilised to manage these risks, but it is unlikely we will be able to totally avoid them. Practical steps to ensure our organisation can continue to operate with the least disruption. Plan for worst case scenario, even though it is unlikely Specify triggers for DR to come into effect. Source alternate premises, IT & communications hardware. Assign & describe duties to each staff

Review & Updates Our Disaster Recovery Policy & Procedures will be reviewed on an annual basis as part of our the Business Planning process or after any major or catastrophic loss or near loss impacting on the business. Any changes will be advised by management either via Email or at our regular Staff meetings.

In Summary You should read the full Policy & Procedures. read the Disaster Recovery Checklist be aware of the roles and responsibilities of various staff (specifically yours) in the Disaster Recovery Plan.

Where To From Here? Please take the time to read our full Disaster Recovery Policy and Procedures and if you require further clarification discuss with our Disaster Recovery Co-ordinator.