As a modern, forward-looking business, Qore recognizes at senior levels the need to ensure that its business operates smoothly and without interruption for the benefit of its customers, shareholders, and other stakeholders. To provide such a level of continuous operation, Qore has implemented and Integrated a Business Continuity Management System (BCMS) with existing management systems in line with the international standard for Business Continuity, ISO22301. Through the operation of this BCMS, Qore is committed to:  

Setting & Achieving Business Continuity Objectives

• Defining a framework for setting high-level objectives for business continuity that are fundamental to the nature of the
• Ensuring that defined BCMS objectives guide the setting of lower level, more short-term objectives for business continuity planning within an annual cycle timed to coincide with organizational budget
• Ensuring that adequate funding is obtained for the improvement activities identified within the
• Ensuring that Business continuity objectives are documented in the Integrated Management System Plan for the relevant financial year, together with details of a plan for how they will be
• Ensuring that Integrated Management System Plan are reviewed on a quarterly basis as part of the management review process, at which time the objectives will also be reviewed to ensure that they remain If amendments are required, these will be managed through the organizational change management process.

Satisfying Applicable Requirements

• Qore’s commitment to the delivery of business continuity extends to senior levels of the organization and will be demonstrated through this Business Continuity Policy and the provision of appropriate resources to establish and develop the Business Continuity Management
• Qore Top management will also ensure that a systematic review of performance of the programme is conducted on a regular basis to ensure that quality objectives are being met and quality issues are identified through the audit programme and management review processes.
• Qore management has appointed BCMS Managers with the overall authority and responsibility for the implementation and management of the Business Continuity Management system to ensure the success of the BCMS and protect the business from

Continual Improvement of the BCMS

• Qore is committed to continually improve the effectiveness of the Business Continuity Management System across all areas within scope
• Enhance current processes to bring them in line with good practice as defined within ISO 22301
• Achieve ISO 22301 certification and maintain it on an on-going basis
• Increase the level of proactivity (and the business perception of proactivity) with regard to the on- going management of business continuity
• Achieve an enhanced understanding of and relationship with the business units to which the BCMS applies
• Review relevant metrics on an annual basis to assess whether it is appropriate to change them, based on collected historical data and feedback from relevant sources
• Obtain ideas for improvement via regular review meetings with stakeholders and document them in a Continual Improvement Plan
• Review the Continual Improvement Plan at regular management meetings in order to prioritise and assess timescales and benefits
• Integrate BCMS into the existing management system.

Our ISO 22301 Business Continuity Management Systems (BCMS) Objectives

• Provide assurance to clients and relevant stakeholders on our Business Continuity competence through achieving and maintaining certification to the Business Continuity Management System that is compliant with ISO
• To ensure 100% safety and protection of people and company
• Provide a plan for resiliency and redundancy for all our critical business processes and
• To maintain a BCMS that promotes the culture of Business Continuity best practice amongst 80% of employees and key
• Ensure 90% compliance with Qore contractual, regulatory, and legal requirements and reduce regulatory sanctions/penalties
•  

Realization of the following business benefits

• Protection of revenue streams and company profitability
• Ensuring the continuous service delivery to customers
• Maintenance and enhancement of shareholder value
• Compliance with legal and regulatory requirements
• To reduce the impact and cost of disruption
• To ensure protection and safety of employees and company asset
• To provide assurance to our customers, partners, and other stakeholders

  This policy represents our general intent towards business continuity management, which shall be made available to all our stakeholders, and furnished upon request by any interested party. This policy will be reviewed on a regular basis to keep it in line with our intentions and mode of operations.

Setting Information Security Objectives

• Defining a framework for setting high-level objectives for information security that are fundamental to the nature of the business.
• Ensuring that defined ISMS objectives guide the setting of lower level, more short-term objectives for information security planning within an annual cycle timed to coincide with organizational budget planning.
• Ensuring that adequate funding is obtained for the improvement activities identified within the ISMS.
• Ensuring that Information Security objectives are documented in the Integrated Management System Plan for the relevant financial year, together with details of a plan for how they will be achieved.
• Ensuring that Integrated Management System Plan are reviewed on a quarterly basis as part of the management review process, at which time the objectives will also be reviewed to ensure that they remain valid. If amendments are required, these will be managed through the change management process.

Top Management Leadership and Commitment

• Qore’s commitment to the Information Security Management systems extends to senior levels of the organization and will be demonstrated through this Information Security Policy and the provision of appropriate resources to provide and develop the Information Security Management Systems and associated controls.
• Qore Top management will also ensure that a systematic review of the performance of the programme is conducted on a regular basis to ensure that objectives are being met and issues are identified through the audit programme and management review processes.

Roles and Responsibilities

• Qore management has appointed ISMS Managers with the overall authority and responsibility for the implementation and management of the Information Security Management system to ensure the success of the ISMS and protect the business from risk.

Continual Improvement 

• Qore is committed to continually improve the effectiveness of the Information Security Management System across all areas within scope.
• Enhance current processes to bring them in line with good practice as defined within ISO 27001
• Achieve ISO 27001 certification and maintain it on an on-going basis
• Increase the level of proactivity (and the stakeholder perception of proactivity) regarding the ongoing management of ISMS.
• Achieve an enhanced understanding of and relationship with the business units to which the ISMS applies
• Review relevant metrics on an annual basis to assess whether it is appropriate to change them, based on collected historical data.
• Obtain ideas for improvement via regular review meetings with stakeholders and document them in a Continual Improvement Log
• Review the Continual Improvement Log at regular management meetings in order to prioritize and assess timescales and benefits

Our ISO 27001 Information Security Management Systems (ISMS) Objectives

• Provide 85% assurance of information systems resilience.
• Protect 100% of client confidential information
• Protect 100% of critical information assets and critical business processes relative to Qore core business.
• Ensure 90% compliance with Qore, contractual, regulatory and legal requirements and reduce regulatory sanctions/penalties
• Improve security-awareness culture for 80% of employees.

Realization of the following Business Benefits

• Protection of revenue streams and company profitability
• Ensuring the continuous service delivery to customers
• Compliance with legal and regulatory requirements
• To reduce the impact and cost of disruption
• To ensure protection and safety of employees and company asset
• To provide assurance to our customers, partners, and other stakeholders

This policy represents our general intent towards information security management, which shall be made available to all our stakeholders, and furnished upon request by any interested party. This policy will be reviewed on a regular basis to keep it in line with our intentions and mode of operations.