Business Impact Analysis (BIA): A BIA will be conducted to identify and prioritize critical business functions and processes. The BIA will assess the potential impact of various disruption scenarios on these functions.

Risk Assessment: Regular risk assessments will be performed to identify potential threats to business continuity and to evaluate the effectiveness of existing controls and mitigation strategies.

Continuity Plans: Business continuity plans will be developed and maintained for all critical functions. These plans will include detailed procedures for response, recovery, and restoration activities.

Customizable RPO/RTO:

• Recovery Point Objective (RPO): Our RPO settings are tailored to minimize data loss in the event of a system failure. We provide a standard RPO setting of 30 minutes, which can effectively address the needs of most clients. This frequent data backup ensures that any lost data is limited to a maximum of 30 minutes’ work, which is suitable for various operational needs.

• Recovery Time Objective (RTO): Our RTO capabilities are designed to ensure rapid restoration of services after a disruption. We can configure our systems to achieve RTOs that vary depending on the client’s operational requirements, generally ranging from a few minutes to several hours. This is supported by our cloud infrastructure, which includes high availability and failover solutions.

CEO: Responsible for overseeing the development, implementation, and maintenance of the business continuity program. This includes coordinating with all relevant departments and stakeholders.

Department Managers: Responsible for developing, maintaining, and testing continuity plans for their respective departments. They will also ensure that their teams are trained on these plans.

All Employees: Responsible for understanding their roles in the business continuity plan and participating in training and exercises as required.

Incident Detection and Reporting: Any disruption or potential threat to business continuity must be reported immediately to the Business Continuity Manager. A designated incident response team will assess and categorize the incident.

Response Procedures: The incident response team will activate the relevant business continuity plans based on the nature and severity of the disruption. This includes communication protocols, resource allocation, and coordination with external parties if necessary.

Recovery Procedures: Detailed recovery procedures will be followed to restore critical business functions and services to normal operations. This includes data recovery, system restoration, and continuity of customer services. We engage with our clients to understand their specific operational and business needs, allowing us to configure our disaster recovery solutions accordingly.

Internal Communication: Clear and effective communication channels will be established to keep all employees informed during a disruption. This includes updates on the status of the incident, response actions, and recovery efforts.

External Communication: Communication with customers, partners, and other stakeholders will be managed to provide timely and accurate information about the impact of the disruption and the steps being taken to address it. Recovery objectives are discussed and agreed upon with clients, ensuring that expectations are clear and that Speak Ai is aligned with the client’s business requirements.

Employee Training: All employees will receive regular training on the business continuity policy and their specific roles and responsibilities during a disruption. This training will include participation in simulated exercises and drills.

Ongoing Awareness: Continuous awareness programs will be conducted to keep employees informed about the importance of business continuity and the procedures in place to ensure it.

Plan Testing: Business continuity plans will be tested regularly through simulations and drills to ensure their effectiveness and identify any areas for improvement. Testing schedules will be determined based on the criticality of the functions and services. Our recovery procedures are tested regularly to ensure that they effectively meet the designated RPO and RTO settings. These tests help confirm the effectiveness of our backup systems and disaster recovery plans, and they provide opportunities for ongoing improvement.

Plan Maintenance: Continuity plans will be reviewed and updated regularly to reflect changes in business operations, technology, and external threats. Lessons learned from tests and actual incidents will be incorporated into the plans.

Regulatory Compliance: Speak Ai will ensure that its business continuity practices comply with relevant laws, regulations, and industry standards.

Policy Review: This policy will be reviewed annually or as needed to ensure its relevance and effectiveness. Changes to the policy will be communicated to all employees.