Comments

Discussion Board - Review and Comment

How to make a comment?

1. Use this Protected Document to open a comment box for your chosen Section, Part, Heading or clause.

2. Type your feedback into the comments box and then click "save comment".

3. Do not open more than one comment box at the same time.

4. When you have finished making comments click on the "Continue to Step 2" button at the very bottom of this page.

 

Important Information

Your connection may time out due to inactivity. To avoid losing your comments, we suggest:

  1. Do not jump between web pages/applications or log comments for more than one document at a time.

  2. Do not leave your submission half way through. If you need to take a break, submit your current set of comments. The system will email you a copy of your comments so you can identify where you were up to and add to them later.

  3. Do not exit until you have completed all three stages of the submission process. Your feedback will not be saved until you prove you are human.


Business Continuity Management Policy

Definitions

Following approval, definitions will be published in the University’s glossary.

Business continuity

The capability of the University to continue the delivery of services at acceptable timeframes at predefined capacity during a disruption.

Business continuity management

The process that identifies potential threats to our University and the impacts to business operations those threats, if realised, might cause, and which provides a framework for building University resilience with the capability of an effective response that safeguards the interests of its key stakeholders, reputation, and brand activities.

Business continuity plan

Documented procedures that guide the University to respond, recover, resume, and restore to a pre-defined level of operation following disruption.

Controlled entity

An organisation that is related to the University through partial or full control/ownership.

Section 1 - Preamble

(1) Charles Darwin University (‘the University’, ‘CDU’) has a commitment to business continuity management.

Top of Page

Section 2 - Purpose

(2) Through the adoption of business continuity best practices, the University will achieve its objective to restore its critical administrative, academic, and research activities as soon as possible following a major disruptive event.

(3) This policy forms part of the University’s Business Continuity Management Framework, which is aligned to the Business Continuity Management Systems standard ISO22301:2019.

Top of Page

Section 3 - Scope

(4) This policy applies to all staff and to all activities of the University.

(5) The University is not responsible for developing a business continuity management policy for its controlled entities. The Boards of controlled entities will be responsible for establishing their own business continuity management framework and processes.

Top of Page

Section 4 - Policy

(6) The University is committed to carrying out its activities with the highest regard for the health and safety of its staff, students, and the public, and to protecting its assets and reputation.

(7) Charles Darwin University will therefore:

  1. Establish Business Continuity Plans to ensure business continuity for its key administrative, academic, and research activities.
  2. Annually review and update the plans. The process to be followed to develop a Business Continuity Plan is detailed in the Business Continuity Plan Development Procedure.
  3. Review the plans following any major operational or structural changes.
  4. Undertake regular plan validation exercises for staff training and evaluation purposes.
  5. Require management to develop, maintain and devolve business continuity planning within their areas of responsibility.
  6. Encourage the active participation of staff in business continuity matters and ensure that key personnel are able to perform competently during a major disruptive event.

(8) These initiatives will be coordinated with activities detailed in the University’s:

  1. Critical Incident and Emergency Management Policy and Procedure, which provides for a first response to a critical disruption.
  2. Local and centralised Disaster Recovery Plans, which focus on the resumption of critical information technology systems and data.

Responsibility for Business Continuity Management

(9) The University Council has overall responsibility for business continuity and in exercising this function delegates:

  1. Responsibility for oversight of business continuity management activities to its Audit, Risk and Compliance Committee; and
  2. Responsibility for the implementation of the Business Continuity Management Framework to the Vice-Chancellor.

(10) The Audit, Risk and Compliance Committee will:

  1. Provide oversight to business continuity management activities across the University; and
  2. Report to the Council on the performance of business continuity activities (this may form part of a broader report on the work of the Committee).

(11) The Vice-Chancellor delegates responsibility for ensuring that business continuity management practices are established and maintained in accordance with this policy to the Vice-President Governance and University Secretary.

(12) The Vice-President Governance and University Secretary has:

  1. Delegated authority to ensure that business continuity management practices are established and maintained and that support and guidance is provided to the University community; and
  2. Responsibility for the operational management of business continuity management practices University-wide.

(13) Executive Leadership Group/Senior Management:

  1. Senior Managers are business continuity plan owners, and will use all reasonable endeavours to ensure that the essential services/functions, for which they have responsibility, are able to continue through, or resume soon after a major disruptive event, and that arrangements are in place to achieve this.

(14) The Director, Risk and Assurance is responsible for:

  1. Promoting and facilitating the implementation of business continuity practices;
  2. The ongoing development of the Business Continuity Management Framework; and
  3. Providing guidance and assistance to senior management and staff in fulfilling the responsibilities defined in this policy.

Contact for further information

(15) If you have any queries regarding the content of this policy or need further clarification, please contact Risk and Assurance at risk@cdu.edu.au.

Top of Page

Section 5 - Non-Compliance

(16) Non-compliance with governance documents is considered a breach of the Code of Conduct - Employees or the Code of Conduct - Students, as applicable, and is treated seriously by the University. Reports of concerns about non-compliance will be managed in accordance with the applicable disciplinary procedures outlined in the Charles Darwin University and Union Enterprise Agreement 2025 and the Code of Conduct - Students.

(17) Complaints may be raised in accordance with the Complaints and Grievance Policy and Procedure - Employees and Complaints Policy - Students.

(18) All staff members have an individual responsibility to raise any suspicion, allegation or report of fraud or corruption in accordance with the Fraud and Corruption Control Policy and Whistleblower Reporting (Improper Conduct) Procedure.