Minutes:
A report of the
Director of Legal and Governance Services (Monitoring Officer) was presented to
outline
the Council’s approach to
business continuity management, summarise activity in the past year and planned
activity for 2023, to provide the Committee with assurance that the Council had
robust arrangements in place, as required by the Civil Contingencies Act 2004.
The Council’s Corporate Business Continuity Plan defined
critical functions as those which, if interrupted could result in:
The Council would consider activating its
business continuity plans if there was a business interruption event that:
The Council had the following plans in place
to respond to the variety of events that could occur:
The Council did
not publish its business continuity plans as they outlined sensitive information
around its critical functions and their recovery that could be misused and
contained personal information relating to employees that had agreed to share
personal contact details to enable the Council to get in touch with them
quickly in the event of an incident. Paragraphs 8 to 14 of
the submitted report outlined the content of the Council’s plans in broad terms.
The Council aimed
to test its plans at least once every 12 months, or produce a lessons learned report if a live incident had occurred during
the past year. Due to the ongoing nature
of the pandemic, no test was undertaken in 2022, however during 2023 a live
test of business continuity was planned to ensure that senior managers
understood their roles and responsibilities during an incident and to test the
robustness of plans.
During the 2022 annual review of plans,
there was an increased focus on the impact loss of power could have on critical
activities to ensure services planned effectively for this event.
Details of the actions delivered in 2022 to
ensure good governance in relation to business continuity were detailed in
paragraphs 20 to 23 of the submitted report.
During 2023/2024 further work would be undertaken to build on progress
made as part of the Council’s commitment to continual improvement in business
continuity planning as follows:
Training
Documentation
Communication
It was clarified
that Middlesbrough Council considered disruption events that had taken place in
other authorities as part of its planning and testing. The locations of Middlesbrough Council’s two
data centres were confirmed.
AGREED that the arrangements in place to manage business continuity
within the Council, progress within the last
year, and plans to further strengthen those arrangements were noted.
Supporting documents: