Business Continuity Policy


At Redgate, we are committed to ensuring the continuity of our business operations in the event of any disruptive incident. This policy outlines our approach to business continuity and is based on the requirements of ISO 27001:2022 and NIST 800-53.

Scope and Objectives

Identify potential threats to the organization’s ability to perform its mission and its operations.

To ensure the resilience of the business operations during and after an incident.

To ensure the security of IT and business operations during an incident and its recovery as quickly and safely as possible.


A Business Continuity Plan (BCP) shall be developed, documented, reviewed and updated (where necessary), and elements of the plan tested on an annual basis to ensure it remains current and effective unless otherwise exercised by a real-world situation.

The BCP shall include incident response procedures, data backup and recovery, and contingency plans for critical business processes. BCP shall encompass Redgate’s Major Incident Management Process and Security Incident Management Process.

Employees shall be trained on their roles and responsibilities in the BCP.

Redgate shall maintain off-site backup facilities and alternate processing sites to support business continuity in the event of an incident.

Roles and Responsibilities

The Director of IT is responsible for the overall management and execution of the BCP.

The IT Ops team is responsible for maintaining backups, implementing data recovery procedures, and ensuring the availability of critical systems and services.

All employees are responsible for familiarising themselves with the BCP and following the procedures outlined in the plan during an incident.