Update from the Business Continuity Working Group

(1)

18 June 2015

Performance and Resources Board

14

To note

Update from the Business Continuity Working Group

Issue

1 The Business Continuity Working Group oversees the development, maintenance and improvement of the GMC’s business continuity plans and the associated business continuity management system. We continue to work to align these plans with the relevant standard ISO 22301:2012.

Recommendations

2 The Performance and Resources Board is asked to:

a Note the work of the Business Continuity Working Group.

(2)

2

Update from the Business Continuity Working Group

Issue

3 The Business Continuity Working Group (BCWG) is responsible for providing management direction and support as we further develop the Business Continuity Management System (BCMS) and its subsequent implementation, maintenance and continual improvement. This work is necessary to ensure that the GMC can respond effectively in the event of a disruption to normal operations.

4 This group is chaired by the Director of Resources and Quality Assurance and reports to the Board annually.

The work of the BCWG

5 The BCWG meets bi-monthly and over the last 12 months has overseen a programme of work to improve the existing plans, enhance response strategies by reviewing past incidents, raise awareness of business continuity across the GMC and further develop a business continuity management system to align with the ISO standard. The GMC has business continuity and pandemic plans in place, both of which have been updated and approved by the BCWG twice in the last 12 months.

6 The Emergency Response Plans for the 3 Hardman Street and 350 Euston Road sites, which provide detailed guidance for front line staff and managers in the event of a significant building evacuation, were also reviewed and updated in December 2014. All these plans and the Medical Practitioners Tribunal Service’s Business Continuity Plan are published on the intranet and were issued to the desktops of the BCWG and the Incident Management team in December 2014.

Local planning

7 A significant focus for the planned work programme in 2014 – 2015 was to achieve a higher level of involvement in the business continuity planning process at all levels across all departments, to enhance our ability to respond to an incident.

8 Work was completed with departments to review their Business Impact Analysis documents (BIA). These updated documents were then used as the basis for the departmental recovery plans which document how local teams will respond in the event of an incident. At the start of the 2015 - 2016 work programme we had achieved a 93% completion rate of these plans. The areas where we had not

(3)

3 Workplace recovery offsite

9 In June 2014 we carried out an offsite recovery test with selected Contact Centre advisers. We were able to prove that the Contact Centre lines can be switched to the Phoenix recovery site and that the staff can relocate to take calls from there; and carry out any necessary actions on GMC systems. We also prepared a comparison matrix setting out the availability of the GMC applications, call handling systems and management information mapped against a range of impacts against premises and resources.

10 The group considered whether the option to use a London recovery site was

something we needed to retain when renewing the contract in 2015. The site is no longer required for IS system recovery as we have a fail over service between Manchester and London and an offsite recovery centre in Manchester. The provider has closed the original London recovery site and the new site is in a less useful location. We can obtain meeting rooms for staff to use from other providers, and by giving up the option to use the site, concentrate our budget on the site we use in Manchester. As staff are now able to work from home the option of using a central alternate work location did not feature in any department’s planning. The group first discussed this following the Contact Centre exercise in 2014 and then undertook further research into how laptops are used to ensure we had workable alternatives in place. The issue was revisited and following further consideration the group decided that there were no circumstances that we could envisage that the retention of this option was required. Consequently, we are not including a London site in the new tender process which started in April 2015.

Use of laptops in an incident

11 In reviewing local plans it became apparent that since the introduction of scheduled home working, departments are planning to use this option for recovery where an incident may either prevent access to GMC premises or where staff have difficulties travelling to work. This strategy is now a key feature of our planning and offers departments an apparently straightforward alternative to office based working to ensure work continues.

(4)

4 Business Continuity Awareness Week

13 We took the opportunity presented by the international initiative Business Continuity Awareness Week (BCAW) on 16 – 20 March 2015 to explain to staff that we have local plans in place and to get them to check they were clear about what they need to do to prepare for a potential disruption on a personal and team level. Handouts about ways we have been planning and will keep in touch were made available and new intranet information pages were promoted during drop in sessions on the three largest sites. An Inside Info article promoting BCAW provided the same information with links to associated documents and intranet pages for those unable to attend the drop in sessions.

14 We have enhanced the ways in which staff can find information by adding a contact called Business Continuity: Incident Update line to Outlook contacts. This also includes information in the notes section about a hotel emergency contact number which staff can use if stranded whilst travelling on behalf of the GMC and provides the dedicated Human Resources contact number which ensures friends and relatives can be connected with an appropriate person. We have now also issued the GMC business continuity and emergency response plans to all staff desktops.

15 During BCAW, we carried out a survey with staff in Manchester following an

evacuation of our Hardman Street office. The same survey was also carried out with staff in London as part of a quiz, to find out what staff would take with them if evacuated from the building. We were reassured that staff are able to evacuate our buildings quickly and safely but it was also clear that the majority of staff don’t take their laptops with them in an evacuation.

16 If we were to be evacuated and not allowed back into our buildings the majority of staff working in the office that day would not have their laptops. A recent

subsequent Inside Info article on this subject sought to confirm to staff our guidance about what is it safe to take with them. We are also working with local plan owners to encourage staff to think about how they will respond in an evacuation. Local grab bags will now contain fold up bags which can be issued to staff to protect any laptop taken outside during an evacuation. This follow up work gives further reassurance that the strategy which relies upon laptops and home working is a realistic one. 17 Continuing the work started in BCAW, we are planning work with departments to

ensure that key staff are aware of their role in an incident. We aim to use training sessions and small scenario exercises to achieve this.

Ongoing review work

(5)

5 19 Examples of such incidents since the last update to the PRB have included:

a A loss of network service to the Edinburgh office due to a third party supplier failure. A back-up option for the devolved offices will assist in reducing this risk.

b Fire in another tenant’s demise at 3 Hardman Street over the weekend caused a sprinkler activation which was isolated by the fire service and made safe. Potential water damage to our area was avoided.

c Tube strike and Northern rail strikes threatened, bus strikes in London.

d Ebola outbreak in West Africa – steps were taken to assess any risk to GMC staff and appropriate steps taken.

e Power supply issues to lifts at St James’s Buildings.

f Water damage to several parts of at St James’s Buildings caused by water coming through the ceiling where the landlord’s contractors are fitting out the floor above. 20 The work programme is reviewed at each meeting to ensure that tasks are on target.

The group also ensures that any follow up work from actual or potential incidents is being undertaken and discuss any new issues or risks that may arise.

Further developments

21 The work programme for 2015-16 is also focusing upon the extent to which we have developed the BCMS to align with the ISO 22301:2012 standard. To this end we have commissioned external consultants to carry out a gap analysis of our documentation and planning against the requirements of the standard. On receipt of this the group will review the work programme and consider whether or not to continue to align to the standard or apply for accreditation.

22 A review of Business Continuity planning has been commissioned which will be considered by the Audit and Risk Committee at is meeting on 15 September 2015.

Business Continuity Policy and policy summary statement

23 The Business Continuity Policy and policy summary statement noted by the Board in June 2014, has since been reviewed by the BCWG to take account of the current 2015 Business Plan.

24 The significant changes to the policy document have been made in the section

(6)

6 25 This document and the associated Business Continuity policy summary statement

have been agreed by the BCWG under the terms of reference document agreed by the Board at its meeting on 26 June 2013. The revised policy document is at Annex A and the summary policy statement at Annex B. The signed the policy summary

statement can be issued to any external interested party.

(7)

7 How this issue relates to the corporate strategy and business plan

27 Strategic aim 5: Work better together to improve our overall effectiveness, our responsiveness and the delivery of our regulator function.

(8)

14 – Update from the Business Continuity Working Group

Annex A

(9)

A2

Business Continuity Policy

Author Sheila Tuffrey

Version 1.4

Issue date draft 19 May 2015

Review Date 3 June 2016

(10)

A3

2 The GMC Business Continuity Management (BCM) Policy sets out the framework within which the GMC develops sustainable business continuity plans and will develop its existing plans to align with the new standard ISO22301:2012. This is achieved through the development of a BCMS involving a process of continual improvement. This planning is necessary to ensure that the GMC can respond effectively in the event of a disruption to normal operations.

Scope

3 This policy applies to all GMC and MPTS staff and their activities at the three largest GMC sites listed below:

 350 Euston Road, London  3 Hardman Street, Manchester  St James’s Buildings, Manchester

4 This policy also applies to services provided by GMC staff working at the devolved offices or elsewhere but for business continuity planning purposes the premises are excluded and staff will either transfer their work to the one of the larger sites or work from home until alternative premises can be sourced.

5 This policy provides guidance for the resumption and recovery of time sensitive business operations in accordance with their designated priority as critical activities in support of key services as well as ensuring that adequate plans are in place for the less time sensitive business operations.

Business Continuity Management System (BCMS) Objectives

6 The objective of the BCMS is to ensure the GMC’s strategic aims are not compromised in the event of disruption.

7 In developing a BCMS the GMC will:

(12)

A5

 Develop Business Continuity Plans which enable the GMC to maintain continuity of

service following a business interruption and reduce the impact of such a

disruption for our stakeholders in accordance with the agreed recovery time set out in business continuity plans.

 Exercise, maintain, review and improve the Business Continuity Plans to ensure

they remain fit for purpose and are appropriate to the current aims and objectives of the GMC

 Provide the resource needed to establish, operate, maintain and improve the

BCMS

Business Continuity Requirements

8 The GMC’s business continuity management policy provides a framework through which the following BC requirements will be met.

 A comprehensive Business Continuity Management Systems (BCMS) is established

and maintained following the requirements of ISO 22301.

 Business impact analysis and risk assessment will be applied to our key services

and their supporting activities systems, process and resources.

 The GMC will maintain a Business Continuity Risk Register (BCRR) in order to

reduce the likelihood of a disruption and improve resilience. The Corporate Risk Register and the Information Security Register will be monitored for any business continuity related risks which will be reviewed and if necessary included in the BCRR. Unresolved significant or critical risks will be escalated to the BCWG prior to each meeting.

 A Business Continuity Strategy will be developed which will determine the most

appropriate methods by which to recover the critical activities and resources within the recovery time objectives following a business interruption.

 Based on the BC Strategy, operational and management plans will be developed

that detail how critical activities and their supporting resources will be recovered within their recovery time objectives. These plans will also detail how the incident will be managed.

 Plans are subject to an ongoing exercise programme, continuous review and

improvement, so that all stakeholders, including senior managers, can be assured that the BCMS remains up to date relevant and effective.

 Each department will carry out reviews of their business continuity plans at least

(13)

A6

 Contracts with suppliers of critical goods and services to the GMC must include a

requirement for the supplier’s business continuity process to be approved to the satisfaction of GMC.

 All staff must be made aware of the plans that affect their Directorate or section

and their role following a BCP invocation.

Organisational Objectives and Obligations of the GMC

9 The strategic aims for the GMC for 2014 – 2017 set out below allow us to enhance and expand our core work:

 Make the best use of intelligence about doctors and the healthcare environment to

ensure good standards and identify risks to patients.

 Help raise standards in medical education and practice

 Improve the level of engagement and efficiency in the handling of complaints and

concerns about patient safety

 Work more closely with doctors, medical students and patients on the frontline of

care.

 Work better together to improve our overall effectiveness, or responsiveness and

the delivery of our regulatory functions

10 Our key priority for 2015 is maintaining the quality of our core regulatory functions which includes:



 Registering doctors

 Overseeing doctors’ education and training  Setting the standards for doctors

 Helping to raise standards through revalidation

(14)

A7 Risk Evaluation and Risk Appetite

11 The Business Continuity Risk Management procedure is complementary to the Risk Management Framework set out by the GMC as part of the internal control and corporate governance arrangements.

12 The procedure enables the organisation to understand the threats and vulnerabilities of its critical activities underpinning the key services and the potential impact caused by a business interruption.

13 Risk evaluation establishes whether risks are adequately mitigated and, if not, determines what additional action is required to reduce their impact or likelihood of occurrence. In each case, we define the level of residual risk that is acceptable. 14 Risk appetite is therefore established on a risk-by-risk basis by defining the level of

residual risk that is tolerable and justifiable once mitigating action has been taken. 15 Using these factors, we identify risks that are not adequately mitigated and determine

what additional measures are required. Where the residual risk is still considered significant or critical, the procedure details an escalation procedure for further evaluation.

Legal and Statutory Obligations

16 The GMC is the independent regulator for doctors in the UK We have four main functions.

 Keeping up-to-date registers of qualified doctors.  Fostering good medical practice.

 Promoting high standards of medical education and training.

 Dealing firmly and fairly with doctors whose fitness to practise is in doubt.

17 Our legal purpose is to protect, promote and maintain the health and safety of the public by making sure that doctors meet our standards for good medical practice. 18 We do that by controlling entry to the medical register and setting the standards for

medical schools and postgraduate education and training. We also determine the principles and values that underpin good medical practice and we take action when those standards are not met.

(15)

A8 medical profession – their interests are protected by others. Our job is to protect patients.

20 When any doctor fails to meet our standards, we will act to protect patients from harm – if necessary, we will remove the doctor from our register and remove their right to practise medicine.

21 We aim to secure a regulatory system that is independent and accountable and we:

 put patient safety first

 support good medical practice

 promote fairness and equality and value diversity

 respect the principles of good regulation: proportionality, accountability,

consistency, transparency and targeting.

22 The GMC was established under the Medical Act 1858 and over time legislation has been introduced that defines our powers and responsibilities in the various areas of our work. The GMC is a registered charity in England and Scotland and our governing body, the Council, makes sure that we fulfil our charitable purpose and statutory role. 23 The GMC is also committed to ensuring that it meets all the other legal obligations

placed upon any business and employer for example in relation to health and safety, employment, data protection, equal opportunity legislation.

24 The GMC will use its usual communication channels to inform employees and other interested parties of any new or changed legal and regulatory requirements.

Stakeholders

25 The interests of key stakeholders are supported by the BCM Policy. Stakeholders are defined as:

 Patients and public  Doctors

(16)

A9 Key Services

26 In the event of an incident which prevents us from fulfilling our full range of statutory functions we consider being available to the public and profession to advise, confirm registration status and receive any complaints as a key service and will recover the Contact Centre and GMC website as a priority.

27 We will also ensure that the registration of doctors, and where necessary their removal from the register where they are found unfit to practise, will continue. We will therefore restore the registration enquiry service, investigations function and the running of FTP review and IOP hearings as a priority.

Management Commitment and Allocation of Responsibilities

28 The Director of Resources and Quality Assurance is responsible for Business

Continuity and will be assisted in this role by the Business Continuity Working Group (BCWG). The BCWG is accountable to the Performance and Resources Board and the Director will refer matters as necessary. This board comprises the Chief Operating Officer, Directors and representative Assistant Directors.

29 The role and responsibilities of the BCWG are set out in the Business Continuity Working Group Terms of Reference document.

30 The role and responsibilities for the management of business continuity across the GMC are set out in the Business Continuity Roles and Responsibilities Document. Policy Review Date

31 This policy will be reviewed annually from the date of approval. Related Documents

 Business Continuity Working Group Terms of Reference  Business Continuity Roles and Responsibilities document  BC Risk Management Procedure.

 GMC Risk Management Framework  GMC Business Plan 2015

(17)

A10 Glossary

British Standard Definitions

BCMS: Business Continuity Management System is one that establishes, implements, operates, monitors, reviews, maintains and improves business continuity.

BCP: Business Continuity Plan – is a documented set of procedures and information that is developed, compiled and maintained in readiness for use in an incident to enable an organisation to continue to deliver its critical activities at an acceptable predefined level. BCM Policy: The Business Continuity Management Policy sets out the GMC

management’s commitment to BC including the organisations objectives and BC Strategy is the approach by an organisation that will ensure its recovery and continuity in the face of a disaster or other major incident or business disruption. Recovery Time Objective is the target time set for the resumption of the service, or resumption of performance of an activity, or recovery of an IT system or application after an incident. (Note: The recovery time objective has to be less than the maximum

tolerable period of disruption)

Maximum tolerable period of disruption is the duration after which an organisation’s viability will be irrevocably threatened if a service or activity cannot be resumed

Other Abbreviations

BCWG: Business Continuity Working Group –this GMC group is responsible for the management direction and approval of the BCMS during development phase and

(18)

A11 Document Management

Document storage, access and security

1 All documents comprising the BCMS will be stored securely and centrally on Livelink which is part of the electronic document management system of the GMC. Access to specific documents, ownership and version control will be applied as appropriate to each document. This system is compliant with the ISO27001 standard and managed in accordance with the GMC Information Security Policy. The BCM Policy should not be distributed or transmitted to any other parties without the express permission of the Business Continuity Manager.

Preservation

2 If the document is out of date (i.e. past its review date) it should be destroyed by secure shredding for paper versions and electronic versions should be deleted.

Retrieval and Use

3 This Policy provides the framework and guidance for the Business Continuity Management System and can only be retrieved from Livelink by the Business Continuity Manager, Director of Resources and Quality Assurance or the BCWG. A pdf version is available to staff on the intranet.

Control of Changes

4 Uncontrolled modification and revision of content is prohibited and revision

procedures should be followed at all times. No changes should be made to the Policy without the agreement from the Business Continuity Manager either as part of the maintenance programme or during an incident.

5 When major revisions are made the document should be saved as the next version number. For minor revisions the version number should be updated by 0.1.

Preservation of Legibility

6 The document should be legible at all times and company guidelines for the use of style templates should be followed.

Prevention of the Unintended Use of Obsolete Information

(19)

A12 Retention and Disposal

8 Old electronic versions of the BCM Policy should be retained for 3 years in Livelink. After this it should be deleted. Paper versions of the BCM Policy should always be current. Old versions should be securely shredded.

Document Control Version History

Revision Status* Author Reason for _Issue Date 0.1 – 0.3 Drafts for

comment S Tuffrey Creation and review by BCWG

7 March 2011to 15 April 2011

1.0 Agreed S Tuffrey Final agreed

version from BCWG

9 May 2011

1.1 Draft STuffrey For review by

BCWG/ Performance and Resources Board April/May 2013 1.2 Issued – see

below STuffrey Changes proposed by BCWG/AD R&QA

15 May 2013

1.3 Agreed Stuffrey Updated to

reflect GMC Corporate strategy 2014-2017

4 June 2014

1.4 draft STuffrey Updated to

reflect 2015 Business Plan key priorities for core work

19 May 2015

* e.g. Draft, for Comment, Agreed

Review and Sign Off

By Method Signature

BCWG On circulation Sign off by Chair post

circ

Maintenance and Review

Date of Review Action Required Responsible Person

(20)

A13 approval currency – in particular business objectives

and management arrangements.

Distribution List

Version Name Position/Organisation Method of _Issue 1.4 All members of

BCWG GMC staff members Livelink link by email

(21)

14 – Update from the Business Continuity Working Group

Annex B

(22)

B2

Business Continuity Policy Summary Statement

1 The GMC exists to protect, promote and maintain the health and safety of the public by making sure that doctors meet our standards for good medical practice.

2 As an independent regulator for doctors in the UK our job is to ensure patients have confidence in doctors. In order to continue to provide the services which our key interest groups value we have identified the activities which support those services as a priority for recovery in the event of any business disruption.

3 The GMC’s Business Continuity policy provides the framework within which we can assure the public that the management procedures in place ensure that we have effective plans which both ensure the safety and welfare of our staff in the event of an incident and that key services are recovered to an acceptable standard as a priority.

4 We consider being available to the public and profession to advise, confirm

registration status and receive any complaints as a key service and will recover the Contact Centre and GMC website as a priority.

5 We will also ensure that the registration of doctors, and where necessary their removal from the register where they are found unfit to practise, will continue. We will therefore restore the registration enquiry service, investigations function and the running of FTP review and IOP hearings as a priority.

6 The plans will contain a clear incident management structure and escalation process for the invocation of the plan.

7 There will be a requirement within the plans that communication with key interest groups and staff, is centrally managed to ensure it is factual, appropriate and timely. 8 All members of staff who have a role in recovering critical business activities or

management of the incident receive regular and appropriate training.

9 The plans which all form part of the overall BCP are exercised regularly to ensure they are fit for purpose and up to date.

10 Accountability for Business Continuity resides with the Business Continuity Working Group, comprising GMC senior management.

11 The BCMS is being developed, implemented, reviewed and maintained with the aim of alignment with the ISO 22301:2012 standard.

Signed: Niall Dickson

Update from the Business Continuity Working Group

14

Update from the Business Continuity Working Group

Update from the Business Continuity Working Group

Annex A

Business Continuity Policy

Contents

Annex B

Business Continuity Policy Summary Statement