Business Continuity Plan October 2021 1 Contents Contents 2 Document Details 3 Ownership & Location 3 Document History 3 Document Approvals 4 Introduction and Purpose 5 What situations should be dealt with under the BC Plan? 5 Roles & Responsibilities 6 Incident Management Process 7 Phase 1: General Incident 8 Phase 2: Potential BC Incident 11 Phase 3: BC Incident 12 Appendix 1 – Business Continuity Policy 17 Appendix 2 – Crisis Management Team 17 Appendix 3 – Senior Executive 19 Appendix 4 – Red/Yellow Alert guidance 20 Appendix 5 – Key Stakeholders and communication methods 21 Senior Managers’ contact information 23 Institute and Awarding bodies contact information 25 Government bodies contact information 25 Critical clients 26 Critical Supplier and Vendor Contact Information 27 Appendix 6 – Example Scenarios and Proposed Recovery Strategy 27 Appendix 7 – Business Process and Location Risk Assessment 43 Appendix 8 – Alternate Site Information 43 Appendix 9 – Building Contacts - Internal and External 44 Appendix 10 - Pearson UK Insurance Cover 44 Appendix 11 - Pearson UK IT Service Continuity Plan 44 Appendix 12 – Incident Management - BC Escalation Chart 45 Appendix 13 – Pearson UK Incident Report Template 49 Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 2 of 50 Document Details Ownership & Location The Business Continuity Crisis Management Team (CMT) is the owner of this document. The current version of this document is available to specified members of staff in the Pearson TQ Business Development directory Document History Version Revision Date Author(s) 1.0 April 2019 GO 2.0 Oct 2021 GO Summary of Change(s) • • • • • • • • • • Signature added P2 Table Page 2 updated Page 3 update cycle added P12 BCP incident apprenticeship communication methods updated P14 BCP Plan learner contact plan updated P25 Government bodies contact information table update P26 Critical Clients updated Appendix 1 updated Appendix 7 updated Appendix 8 updated Note: Prior to version 4.1 the Business Continuity Policy was incorporated into the Business Continuity Plan. Pearson took the decision to separate the policy from the plan during the 2017 revision process in order to simplify the plan and provide clarity and focus on resolution in the event of an emergency. Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 3 of 50 Document Approvals Overall Responsible Officer VP Pearson TQ Martyn Leader.......................... Date...................................... The Business Continuity Crisis Management Team (CMT) are the approvers of this document. Role Name Date of Issue Version VP Martyn Leader 20 Oct 21 Operations Manager UK Mike McHale 2.0 Head of Apprenticeships Poppy Carter Mills 2.0 Senior Quality Manager Neil Saunders 2.0 MIS and Funding Compliance Manager Rhys Ling 2.0 Health & Safety, Compliance and Quality Manager Daniel McGlynn 2.0 Head of Business Development Garrie Owens 2.0 Head of Business Development Fay Granville 2.0 HR Business Partner Victoria Hayden 2.0 Operations Manager and BCC secretary Tina Hutchinson 2.0 Head of IT TBC 2.0 Health & Safety, Compliance and Quality Manager Daniel McGlynn 2.0 Graphics and Social Media Manager Jenny Stratford 2.0 Head of Finance Giorgio Puzzella 2.0 General Counsel Suzanne KingChristopher 2.0 Signature 2.0 Signed off at SMG meeting 19th Oct 21 Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 4 of 50 Introduction and Purpose This plan has been created in accordance with the Pearson Global Business Resilience Policy, see Appendix 1 (Global Business Resilience Policy). It is for use by the Crisis Management Team, Senior Leadership and Senior Management within PTQ s to manage escalated incidents that impact or have the potential to impact Business Continuity of apprenticeship delivery. It has 2 key purposes: ● To give guidance to management as to when an issue is considered severe enough to escalate ● To give Pearson UK Crisis Management Team (CMT) guidance and support in dealing with these issues to ensure that the business can continue to operate with minimal impact on students, clients, employees and suppliers. The document is to be reviewed every three years or after a significant business continuity event. Changes in key contacts should be emailed to daniel.mcglynn@pearson.com Note: 1. All Pearson UK staff will be aware of incidents that should be managed locally and be provided with guidance for escalating incidents to the CMT. 2. Pearson Global policies have precedence if issues impact across other lines of business What situations should be dealt with under the BC Plan? Situations that represent a significant risk to the security, health or safety to our learners, our customers, the public or our employees, or which represent a significant threat to our ability to deliver our products and services are potential BC events. For guidance on when incidents should be escalated (from Local Management / Helpdesk Channel to a CMT Member as a potential BC Incident, or to the CMT Leader to declare a BC event), see Appendix 12 (Incident Management - BC Escalation Chart). Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 5 of 50 Roles & Responsibilities Role Responsibilities Pearson UK staff (including Freelancers & Contractors) ● Identify and report events that might disrupt delivery of Pearson UK services ● Support the CMT or Senior Managers as instructed during a BC event ● Initial assessment of incidents ● Where possible, resolve incidents locally ● Where appropriate, incident escalation to a CMT member ● Support the CMT or Senior Managers as instructed during a BC event ● Detailed assessment of escalated incidents ● Where possible, resolve incidents locally ● Where appropriate, incident escalation to the CMT Leader ● Where appropriate, declare a Business Continuity event ● Where a Business Continuity event has been declared, chair CMT meetings Crisis Management Team ● Enact the Business Continuity Plan during a potential or confirmed BC event Business Continuity Secretary ● Mobilise the CMT, arranging meetings, documenting details as per the BCP Incident Tracking sheet during a BC event. Local Management or designated Helpdesk Channel Crisis Management Team Member Crisis Management Team Leader Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 6 of 50 Incident Management Process Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 7 of 50 Phase 1: General Incident General Incident - DETECT 1.01 Escalate incident ● Where an incident has an established Helpdesk Channel, the Pearson Staff Member will follow the defined process. For example, IT issues are to be raised via the IT Helpdesk. ● Where no established escalation channel exists, the Pearson Staff Member will raise the incident to their Line Manager, or department head for Local Management. NEXT STEP 1.02 Assess Incident General Incident - ANALYSE 1.02 Assess Incident ● Local Management or Helpdesk Channel will perform an initial assessment or update an existing assessment of the incident to determine: a. What has happened? b. Where? c. When? d. Why? e. What/who is it affected? Any injuries/fatalities? f. Impact? What can’t we do and what problems will that cause? g. How long is this issue likely to last? h. What expert advice is available? i.e. police guidance, government advice, institutes/awarding bodies i. What emergency procedures have already been (or planned to be) implemented (including building evacuation status, civil authority response, entity currently having building control) and assess whether anything further is required j. Is the issue a Red/Yellow Alert? Review Appendix 4 (Red/Yellow Alert guidance) and follow guidance if it does. k. Is the incident severe enough to be a Business Continuity issue and require escalation to a CMT member? Review Appendix 12 (Incident Management - BC Escalation Chart). NEXT STEP - Is escalation to CMT Member required? ● YES - 2.01 Escalate incident to CMT Member ● NO - 1.03 Create / update Response Plan General Incident - PLAN 1.03 Create / update Note - A response plan contains a recovery strategy and a communications plan. Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 8 of 50 Response Plan ● Local Management or Helpdesk Channel will create a Response Plan as follows: 1. Check whether a recovery strategy exists (for example, local procedures or disaster recovery plans) 2. Create a new (or review and update an existing) recovery strategy as follows: a. Agree what is the best likely resolution to the issue? b. Identify any decisions or information needed c. Document actions, priorities, responsibilities (i.e. owners) d. Agree deadlines required within the next 24 hours e. Determine what resources are required 3. Create a new (or review and update an existing) communications strategy as follows: a. Put together a communications plan for the next 24 hours. Consider all relevant stakeholders - a list of these and their contact details are available in Appendix 5 (Key Stakeholders and suggested communication methods). b. For each stakeholder group it should be agreed; i. What we need to tell them ii. How do we want to do this iii. When do we want to do this iv. Who will take responsibility v. When and how often should we provide updates vi. Who approves communications before they are sent out (should be the Director of Communications) 4. Arrange date, time and location for when the team will reconvene to discuss progress and next steps. NEXT STEP 1.04 Execute Response Plan and monitor General Incident - RESPOND 1.04 Execute Response Plan and monitor ● Local Management or Helpdesk Channel will follow the steps as per the Response Plan, issuing out communication updates as per the communication strategy defined in Step 1.03. They will continue to manage and oversee the incident until they feel all major risks have been overcome and the situation can be resolved. NEXT STEP - Is the incident resolved? ● YES - 1.05 Declare Incident resolved ● NO - 1.02 Assess Incident Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 9 of 50 1.05 Declare incident resolved ● Local Management or Helpdesk Channel will communicate resolution of the incident in line with Local Management or Helpdesk procedures. NEXT STEP 1.06 Restore BAU 1.06 Restore BAU ● Local Management or Helpdesk Channel will manage the transition to ‘Business as Usual’ operations. ● BAU may not mean we are operating in the identical way we did previously, and in such cases, we will have a working solution delivering an acceptable level of service to our clients which will operate for the foreseeable future. ● Communications should be issued to all impacted stakeholders with any necessary information on the incident or transition plans and handing clear full responsibility back to the responsible person(s). NEXT STEP 1.07 Document incident General Incident - REVIEW 1.07 Document incident ● Local Management or Helpdesk Channel will ensure that all incidents are logged using the template in Appendix 13 (Pearson UK Incident Report Template). NEXT STEP 1.08 Identify lessons learned 1.08 Identify lessons learned ● Local Management or Helpdesk Channel, depending on the severity of the incident, may meet to perform a post incident review, where the following should be discussed: ○ What worked well ○ What didn’t work well ○ For each area that worked particularly well, update the Local Management or Helpdesk Channel response plan to include the relevant instructions (where appropriate) ○ For each area that didn’t work as well, update the Local Management or Helpdesk Channel response plan with instructions on how to deal with this better if it were to happen again ○ Could the risk of this scenario arising have been reduced? If so approve a cost vs benefit assessment to be performed to decide whether changes to how Pearson operates should be made ○ Any other proposed changes to how we operate, or the response plan NEXT STEP 1.09 Update policies and procedures Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 10 of 50 1.09 Update policies and procedures ● Local Management or Helpdesk Channel will document and implement any changes to existing processes as a result of the incident and communicate to all relevant stakeholders NEXT STEP Incident marked as closed - END OF PROCESS Phase 2: Potential BC Incident 2.01 Escalate to CMT member [DETECT] 2.02 CMT Member assessment ● Local Management or Helpdesk Channel will immediately escalate to the appropriate CMT member, see Appendix 2 (Crisis Management Team). NEXT STEP 2.02 CMT Member assessment ● The CMT Member will assess / re-assess the incident to get an up to date view of: a. What has happened? [ANALYSE] b. Where? c. When? d. Why? e. What/who is it affected? Any injuries/fatalities? f. Impact? What can’t we do and what problems will that cause? g. How long is this issue likely to last? h. What expert advice is available? i.e. police guidance, government advice, institutes/awarding bodies i. What emergency procedures have already been (or planned to be) implemented (including building evacuation status, civil authority response, entity currently having building control) and assess whether anything further is required j. Is the issue a Red/Yellow Alert? Review Appendix 4 (Red/Yellow Alert guidance) and follow guidance if it does. k. Is the incident severe enough to be a Business Continuity issue and require escalation to a CMT member? Review Appendix 12 (Incident Management - BC Escalation Chart). NEXT STEP - Is escalation to CMT Leader required? ● YES - 2.03 Escalate incident to CMT Leader ● NO - 2.05 Handover to / work with Local Management team to resolve incident Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 11 of 50 2.03 Escalate to CMT Leader [DETECT] 2.04 CMT Leader assessment [ANALYSE] 2.05 Handover to LM / HC to resolve incident ● CMT Member will immediately escalate to the CMT Leader, see Appendix 2 (Crisis Management Team). NEXT STEP 2.04 CMT Leader assessment ● The CMT Leader will review the incident with the CMT Member and determine whether a Business Continuity event should be declared. NEXT STEP - Is a Business Continuity event to be declared? ● YES - 3.01 CMT Leader declares BC event ● NO - 2.05 Handover to / work with Local Management team to resolve incident ● CMT Member to handover to, or work with Local management or Helpdesk Channel to manage the incident locally NEXT STEP 1.03 - Create / update Response Plan [PLAN] Phase 3: BC Incident BC Incident - DETECT 3.01 CMT Leader declares BC event 3.02 Mobilise the CMT ● CMT Leader informs the Business Continuity Secretary (member of the CMT) to declare a Business Continuity Event and assemble the CMT. NEXT STEP 3.02 Mobilise the CMT ● Business Continuity Secretary will mobilise the CMT using the following procedure: 1. Consider which other members of Senior Management might need to be included depending on the nature of the issue (to be agreed with CEO/COO) 2. Notify the CMT + those in point 1 via email (kukcrisismanagementteam@pearson.co.uk) Note: This email address only contacts the CMT members and NOT their deputies 3. Setup a CMT meeting within 30 mins (see conference details below). In the event that other communications mechanisms are more suitable e.g. faceto-face, MS Teams, Zoom then these can be utilised as an alternative. Note: All participants should reply to confirm attendance without delay 4. Call any participants who have not replied to ensure they are aware 5. Determine and contact any other relevant members of staff if anyone is Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 12 of 50 unavailable. This is to be set up utilising MS Teams. If the BCP event involves the use of Pearson systems, then the BC secretary is set up utilizing Zoom NEXT STEPS 3.03 CMT assessment 3.04 Create / update Response Plan 3.05 Execute Response Plan and monitor (All steps to be performed at initial meeting of CMT) BC Incident - ANALYSE 3.03 CMT Assessment ● CMT will assess / reassess the incident to get an up to date view of: a. What has happened? b. Where? c. When? d. Why? e. What/who is it affected? Any injuries/fatalities? f. Impact? What can’t we do and what problems will that cause? g. How long is this issue likely to last? h. What expert advice is available? i.e. police guidance, government advice, institutes/awarding bodies i. What emergency procedures have already been (or planned to be) implemented (including building evacuation status, civil authority response, entity currently having building control) and assess whether anything further is required j. Is the issue a Red/Yellow Alert? Review Appendix 4 (Red/Yellow Alert guidance) and follow guidance if it does. The BC Secretary should use the BCP Incident Tracking Sheet (template) to record the event, assessment, response plan, comms plan and decisions/actions throughout. This should be stored in the BCP incident document repository. NEXT STEP 3.04 Create / update Response Plan BC Incident - PLAN 3.04 Create / update Response Plan Note - A response plan contains a recovery strategy and a communications plan. ● CMT will create a Response Plan as follows: 1. Check whether a recovery strategy exists. Review the list of BC scenarios in Appendix 6 (Example Scenarios and Proposed Recovery Strategy). 2. Create a new (or review and update an existing) recovery strategy as follows: a. Agree what is the best likely resolution to the issue? b. Identify any decisions or information needed Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 13 of 50 c. Document actions, priorities, responsibilities (i.e. owners) d. Agree deadlines required within the next 24 hours e. Determine what resources are required 3. Create a new (or review and update an existing) communications plan as follows: a. Put together a communications plan for the next 24 hours. Consider all relevant stakeholders - a list of these and their contact details are available in Appendix 5 (Key Stakeholders and suggested communication methods). b. For each stakeholder group it should be agreed; c. i. What we need to tell them ii. How do we want to do this iii. When do we want to do this iv. Who will take responsibility v. When and how often should we provide updates vi. Who approves communications before they are sent out (should be the Director of Communications) All impacted learners will be contacted as part of the plan: i. Military learners will be contacted via the chain of command initially with follow up contact from the apprentices personal coach ii. Civilian leaners will be contacted via their employer initially followed up by contact by their individual coach iii. All learners will receive a detailed follow up email detailing any change to their program once agreed with their employers iv. If email services are impacted, learners will be called by their skills coach 4. Arrange date, time and location for when the team will reconvene to discuss progress and next steps. NEXT STEP 3.05 Execute Response Plan and monitor BC Incident - RESPOND 3.05 Execute Response Plan and monitor ● CMT will follow the steps as per the Response Plan, issuing out communication updates as per the communication strategy defined in Step 3.05. They will continue to manage and oversee the incident until they feel all major risks have been overcome and the situation can be resolved. NEXT STEP - Is the incident resolved? ● YES - 3.06 Declare Incident resolved Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 14 of 50 ● NO - 3.03 CMT assessment 3.06 Declare incident resolved ● CMT will communicate resolution of the incident 3.07 Restore BAU ● CMT will manage the transition to ‘Business as Usual’ operations. ● BAU may not mean we are operating in the identical way we did previously, and in such cases, we will have a working solution delivering an acceptable level of service to our clients which will operate for the foreseeable future. ● Communications should be issued to all impacted stakeholders with any necessary information on the incident or transition plans and handing clear full responsibility back to the responsible person(s). NEXT STEP 3.07 Restore BAU NEXT STEP 3.08 Document incident BC Incident - REVIEW 3.08 Document incident ● BC Secretary will ensure that all incidents are formally recorded using the template in Appendix 13 (Pearson UK Incident Report Template). This should be stored in the BCP Incident document repository. NEXT STEP 3.09 Identify lessons learned 3.09 Identify lessons learned ● BCP Secretary will schedule a post incident review for the CMT, chaired by the CMT Leader ● CMT will meet, where the following should be discussed: ○ What worked well ○ What didn’t work well ○ For each area that worked particularly well, update the BC Plan to include the relevant instructions (where appropriate) ○ For each area that didn’t work as well, update the BC Plan with instructions on how to deal with this better if it were to happen again ○ Retrospectively update the BC Plan to include the scenario, if it does not already exist ○ Could the risk of this scenario arising have been reduced? If so approve a cost vs benefit assessment to be performed to decide whether changes to how Pearson operates should be made ○ Any other proposed changes to how we operate, or the BC Plan NEXT STEP 3.10 Update policies and procedures Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 15 of 50 3.10 Update policies and procedures ● CMT will document and implement any changes to existing processes as a result of the incident and communicate to all relevant stakeholders NEXT STEP Incident marked as closed - END OF PROCESS Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 16 of 50 Appendix 1 – Business Continuity Policy Pearson Business continuity plan can be found at: https://neo.pearson.com/docs/DOC-710436 These plans provide more detail with regards to Pearson Systems and infrastructure Pearson Business Continuity Management Policy can be found at: https://neo.pearson.com/docs/DOC-315608 Appendix 2 – Crisis Management Team Job title Name Contact details (Work (W)and personal (P) email addresses and phone numbers) Deputy in case of absence VP Martyn Leader Mike McHale Operations Manager UK Mike McHale Poppy Carter Mills Head of Apprenticeships Poppy Carter Mills Teresa Povey Senior Programme Manager MIS Funding & Compliance Manager Rhys Ling Christine Shawcross MIS Supervisor Contact details (Work (W) and personal (P) email addresses and phone numbers) Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 17 of 50 Job title Name Health & Safety, Compliance and Quality Manager Daniel McGlynn Senior Quality Manager Neil Saunders Contact details (Work (W)and personal (P) email addresses and phone numbers) Deputy in case of absence Contact details (Work (W) and personal (P) email addresses and phone numbers) Neil Saunders Senior Quality Manager Alex Scrivens Quality Officer Anne Rowlands Head of Business Development Garrie Owens Head of Business Development Fay Granville HR Business Partner Victoria Hayden TBC Operations Manager and BCC secretary Tina Hutchinson Anne Rowlands Operations RSME (1) Wally Gupwell Bid Manager Anne Rowlands Bid Manager Bid Manager Paul Roberts (RSME ISSUES ONLY) AFC (Harrogate) Simon Davies Mike McHale (AFC ONLY) Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 18 of 50 Appendix 3 – Senior Executive Job title Name VP Martyn Leader Contact details (Work (W) and personal (P)email addresses and phone numbers) Deputy in case of absence Contact details (Work (W) and personal (P) email addresses and phone numbers) Mike McHale Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 19 of 50 Appendix 4 – Red/Yellow Alert guidance Source: HR section of the Pearson intranet (NEO) (details available within the HR section of the Pearson intranet) Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 20 of 50 Appendix 5 – Key Stakeholders and communication methods PERSONAL CONTACT INFORMATION WITHIN THIS APPENDIX SECTION MUST BE REMOVED FOR EXTERNAL DOCUMENT DISTRIBUTION Stakeholders Primary Source of Information Alternate Source(s) of Information Suggested communication method Crisis Management team List included in Appendix 2 HR can check Workday (WD) if numbers are found to be out of date Email to crisismanagementteam@pearson.com if need the whole group Followed by a phone call Senior Executive List included in Appendix 3 HR can check Workday (WD) if numbers are found to be out of date Email then phone call Senior Management Team List included below HR can check Workday (WD) if numbers are found to be out of date Email to if need the whole group Pearsonukseniormanagers@Pearson.com Other key internal personnel List included below HR can check Workday (WD) if numbers are found to be out of date Email then phone call Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 21 of 50 Stakeholders Primary Source of Information Alternate Source(s) of Information Suggested communication method All staff Workday holds all personal contact details for all staff and IT hold all work contact details. The correct report to run on Workday is called ‘RPT Worker Personal Contact Info’. Work details are available via Google contacts and personal details are available via Fusion Those staff involved in evacuation would be messaged as part of the evacuation process. In all other situations staff will be contacted primarily via work email (tqenquiries@pearson.com) for whole business. Use personal email or SMS if email is not available. A voicemail can be set up on the Pearson phone network for key stakeholders to access and receive updated status of the office status. The phone number used should be 020 7010 2000. Messages and forwarding can be arranged by calling the IT telecoms team whose details are included in this appendix. Students I-learner is used as the source system to contact students and clients (for at least the initial notification of the event). IT will be able to restore student list from Navision backup (If Navision is unavailable) only by request from CMT Executive or Legal. Initial communication to be sent via email, Facebook, twitter and website List of critical clients is included in appendix 5 - created from BDM (Salesforce) Initial communication to be sent via email, Facebook, twitter and website Contacts to set the above up are listed as “Other key personnel” in appendix 5 A complete list of students and clients is created from ilearner Key Clients Institutes and awarding bodies Via Email A list is included below Contacts to set the above up are listed as “Other key internal personnel contact information” in appendix 5 N/R Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 22 of 50 Stakeholders Primary Source of Information Alternate Source(s) of Information Govt bodies A list is included below N/R Critical suppliers and vendors A list is included below N/R Media As required As required Suggested communication method To be decided based on the severity of the issue and relationships we have with those contacting us Senior Managers’ contact information The following table provides emergency contact details for senior managers responsible for a function or business unit (who may be co-opted onto the CMT depending upon the incident), where the Manager is also a member of the Senior Executive, this is indicated with a *. All senior managers can be contacted by using TQSMG@pearson.com. PERSONAL CONTACT INFORMATION MUST BE REMOVED FOR EXTERNAL DOCUMENT DISTRIBUTION Function / Business Unit Main contact Position title Contact details (Work (W)) Deputy name Head Office Martyn Leader VP Mike McHale Business Development Garrie Owens/ Fay Granville Head of BD Anne Rowlands Contact details (Work (W)) Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 23 of 50 Function / Business Unit Main contact Position title Contact details (Work (W)) Deputy name UK Contracts Mike McHale UK Ops Manager Poppy Carter Mills MOD WBL Poppy Carter Mills Head of MOD WBL Neil Saunders RSME Wally Gupwell Head of RSME Training Paul Roberts Harrogate AFC Mike McHale UK Ops Manager Simon Davies Finance Giorgio Puzzella Finance Manager Estina Juknaite HR Victoria Hayden Senior HR Advisor TBC Contact details (Work (W)) Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 24 of 50 Institute and Awarding bodies contact information PERSONAL CONTACT INFORMATION MUST BE REMOVED FOR EXTERNAL DOCUMENT DISTRIBUTION Institute Main Contact Contact No/ Email Secondary Contact Pearson Centre Support 0344 576 0045 WBLcustomerservices@pearson.com City & Guilds Quality Direct 0844 543 0000 csdirect@cityandguilds.com EAL Centre Support 01923 652400 cs.admin@eal.org.uk Contact No/ Email Government bodies contact information PERSONAL CONTACT INFORMATION MUST BE REMOVED FOR EXTERNAL DOCUMENT DISTRIBUTION Institute Main Contact Contact No/ Email Education and Skills Funding Agency Central number Education and Skills Funding Agency Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 25 of 50 Critical clients PERSONAL CONTACT INFORMATION MUST BE REMOVED FOR EXTERNAL DOCUMENT DISTRIBUTION Key client Main contact Contact no/Email Secondary contact Contact no/Email Per Pol Ed Branch BSS RE Apps RLC Apps AGC Apps Int Corps Apps DMS Apps SLaM St Georges NHS Trust Thales UK UK Power Networks Amey Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 26 of 50 Critical Supplier and Vendor Contact Information PERSONAL CONTACT INFORMATION MUST BE REMOVED FOR EXTERNAL DOCUMENT DISTRIBUTION Vendor Area Vendor Contact Contact Number Contact Email Lex Auto Vehicles Pearson Technology IT Systems Pearson Technology help desk 0207 010 5555 or 5555 on Pearson phones pearson@service-now.com Smart Assessor IT TBC Appendix 6 – Example Scenarios and Proposed Recovery Strategy Note: colour indicates that red, yellow or no (blue) alert applies and must be followed. Assessment of Situation Recovery Strategy Core Responsibilities & Lead TERRORIST EVENT - London (Red Alert, Owner: Martyn Leader) A terrorist event is serious enough that the decision has been made to close the location(s) to all but the most critical functions for a short period of time Staff and students are unable to travel to access PTQ centres Communication ● VP or Ops Manager UK: Follow the 60 minute rule ● Issue communication to personnel hourly on day 1, then at least once per day until BAU ● Draft & Update Communications –HR (internal) and PR (external) within 1 hour ● Final Communications approval and media handling – PR – within 2 hours ● Overall Management of the incident & Restoration of services – Operations and Delivery teams. Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 27 of 50 Assessment of Situation Recovery Strategy Core Responsibilities & Lead Mobile phone network may not be available. ● Issue communication to students and key clients via messaging methods available If internet services are impacted, then office landlines will not be available as they are VOIP based. ● HR to lead a count of people; monitor communication from police Attack on military establishment ● Post messages on the website and social media to students and staff Military alert status raised to CRITICAL ● IT re-routes phone lines if landlines are down ● PR keeps in contact with police Temporary location ● Follow building emergency evacuation plan ● Consider options to staff out of locations to stay in local ● CMT chooses alternative centres/ locations ● CMT identifies plans for critical business functions, see Appendix 7. ● Utilise unaffected central Manchester team for support ● H.R. communicates temporary office/work locations to management. CMT communicates the plan to all personnel. Recovery Plan ● Utilise E-portfolio and App 360 system until transportation system and services are restored to operation Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 28 of 50 Assessment of Situation Recovery Strategy Core Responsibilities & Lead ● IT staff will operate remotely from alternate centres or home Military Sites: ● Follow local procedures under military chain of command ● Local manager to report directly to owner TERRORIST EVENT - REGIONS (Red Alert, Owner: Mike McHale) A terrorist event is serious enough that the decision has been made to close the location(s) to all but the most critical functions for a short period of time Communication ● VP or Ops Manager UK: Follow the 60 minute rule ● Issue communication to personnel via text system, email and all other available mediums Staff and students are unable access a regional centre. ● Issue communication to students and key clients Mobile phone network may not be available. ● Post message on the website to students and staff If internet services are impacted, then office landlines will not be available as they are VOIP based. ● Issue continuing communications at least once per day, hourly on day 1 Attack on military establishment ● Account of people; monitor communication from police Military alert status raised to CRITICAL ● PR keeps in contact with police ● Draft & Update Communications –HR (internal) and PR (external) within 1 hour ● Final Communications approval and media handling – PR – within 2 hours ● Overall Management of the incident & restoration of services – Operations and Delivery teams. Temporary location ● Follow building emergency evacuation plan ● CMT chooses alternative centres/locations Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 29 of 50 Assessment of Situation Recovery Strategy Core Responsibilities & Lead ● CMT identifies plans for critical business functions, see Appendix 7. ● IT re-routes phone lines ● HR communicates temporary office/work locations to management. CMT communicates the plan to personnel Recovery Plan ● Utilise alternative centres and Live Online tuition until relevant transportation and services are restored to operation ● Staff who have VPN access will work from home; staff working from alternate location will have spare desktop provisioned by IT Military Sites: ● Follow local procedures under military chain of command ● Local manager to report directly to owner PANDEMIC EVENT - CLOSURE (Yellow Alert, Owner: Mike McHale) A pandemic event is serious enough that the decision has been made to close the location(s) to all but the most critical functions for an unknown period of time. ● Issue communication to clients and Pearson UK personnel informing them of the situation Staff and students are unable to travel to access training centres and/or offices ● Issue continuing communications to students, clients, Pearson UK personnel at least once per day Communication ● VP or Ops Manager UK: Follow the 60 minute rule ● Draft & Update Communications –HR (internal) PR (external) within 1 hour ● Final communications approval & media handling– PR – within 2 hours ● Overall Management of the incident & Restoration of services – Full CMT. Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 30 of 50 Assessment of Situation Recovery Strategy Core Responsibilities & Lead ● PR keeps in contact with authorities Temporary Centre Location & Operations ● CMT identifies temporary centre/location ● CMT identifies functions that can be split between home/office and advises personnel to work from home as much as possible ● HR communicates temporary office/work locations to management. CMT communicates the plan to personnel. Recovery Plan ● Switch tuition to Online methodology ● All non-teaching staff to work from home ● Restore key services at centre once the pandemic event has been downgraded to allow “normal” or reduced service ● IT will allocate VPN access to all staff working from home READING DATA CENTRE DESTROYED OR DISABLED (Red Alert, Owner: Martyn Leader) ● Systems hosted are not available and will not be available until replaced. ● ilearner is NOT available. ● Network is NOT available. Communication ● VP or Ops Manager UK: Follow the 60 minute rule ● Issue communication to clients and Pearson UK personnel informing them of the situation ● Client systems are NOT available. ● Draft & Update Communications – CTO within 1 hour ● Final Communications approval & media handling– PR – within 2 hours ● Overall Management of the incident & restoration of services – CTO. Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 31 of 50 Assessment of Situation Recovery Strategy Core Responsibilities & Lead ● MyPearson and One Drive are available but may not be accessible internally due to network issues. ● Issue continuing communications to students, clients, Pearson UK personnel at least once per day. ● CMT advisory Temporary Data Centre Location ● IT to switch services to operate from 80 Strand. ● CMT communicates plan to Pearson UK personnel Disaster Recovery Plan ● Invoke IT Disaster Recovery Plans, Appendix 11 ● Take payments and enrolments manually at centres until Navision is restored ● All non-operational Pearson UK staff advised to work from home until network is restored ● Reschedule Computer-Based exams which can be sat at any time when the network is available ● Identify and source alternative locations for any fixed date CBE exams DATA CENTRE DESTROYED OR DISABLED (Yellow Alert, Owner: TBC) Services are unavailable: Communication (1) MyPearson ● VP or Ops Manager UKO: Follow the 60 minute rule (2) Pearson Financial (3) Pearson Publishing (4) eStore ● Issue communication to clients and Pearson UK personnel informing them of the situation ● Draft & Update Communications – CTO within 1 hour ● Final Communications approval & media handling– PR – within 2 hours ● Overall Management of the incident & restoration of services – CTO Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 32 of 50 Assessment of Situation Recovery Strategy Core Responsibilities & Lead (5) Pearson Financial Knowledge Bank ● Inform Senior managers and staff dealing with students with message for students and potential students calling in ● CMT advisory (6) CIMAStudy (new users and updated content only) Google Apps, MS Dynamics NAV and Client Portal & Reporting services are unaffected. ● Issue continuing communications to students, affected clients, Pearson UK personnel at least once per day. Disaster Recovery Plan ● Invoke IT service continuity plan, Appendix 11 PEARSON UK BUILDING DESTROYED OR DISABLED (Red Alert, Owner: TBC) ● Systems and email hosted at Goswell Road or Attenda (Park Royal) are available. ● User equipment is not available at affected centre(s) ● Pearson UK personnel at affected centre do not have access to it due to loss of services. ● Students cannot attend scheduled classes at the affected centre Communication ● VP or Ops Manager UK Follow the 60 minute rule ● Issue communication to clients and Pearson UK personnel informing them of the situation ● Issue continuing communications to students, clients, Pearson UK personnel at least once per day ● Draft & Update Communications – Centre/Regional manager within 1 hour ● Final Communications approval & media handling– PR – within 2 hours ● Overall Management of the incident & restoration of services – CTO/Director of Operations/property/HR. ● Full CMT involvement Temporary Work Location ● CMT identifies temporary work locations ● HR communicates temporary work locations to management ● Management communicates plan to Pearson UK personnel IT Disaster Recovery Plan Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 33 of 50 Assessment of Situation Recovery Strategy Core Responsibilities & Lead ● Acquire servers/user equipment ● User data will be restored by IT from central backups Permanent Work Location ● CMT identifies new permanent work locations ● IT will prepare building for electronic data processing ● IT will arrange for appropriate telecommunications in new centre ● Property team will obtain cubicles, furniture, and supplies for new centre DATA CENTRE DESTROYED OR DISABLED (Red Alert, Owner: TBC) Data centres are down (see earlier impact). Communication ● VP or Ops Manager UK: Follow the 60 minute rule ● Issue communication to clients and Pearson UK personnel informing them of the situation ● Issue continuing communications to students, clients, Pearson UK personnel at least once per day ● Draft & Update Communications – CTO within 1 hour ● Final Communications approval & media handling– PR – within 2 hours ● Overall Management of the incident & restoration of services – CTO, CMT advisory ● IT communicates plan to Pearson UK personnel. Disaster Recovery Plan ● IT will prepare 80 Strand as temporary data centre location Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 34 of 50 Assessment of Situation Recovery Strategy Core Responsibilities & Lead ● IT will invoke IT Disaster Recovery Plan Permanent Data Centre Location ● IT will identify and set up new permanent data centre ● IT will identify and commission new equipment GOOGLE SERVERS ARE DOWN (Red Alert, Owner: TBC) Email, calendar, and Drive (and all other Google services) are NOT available Communication ● Use website and Facebook/twitter to reach out to students ● Use Intranet to alert staff and share information ● Use personal email addresses for essential communications between senior management (Appendix 5) ● Draft & Update Communications – CTO within 1 hour ● Final Communications approval & media handling– PR – within 2 hours ● Overall Management of the incident & Restoration of services – CTO. ● CMT advisory Disaster Recovery Plan ● Wait until Google fixes its servers ● Source alternative email accounts if Google problem is long term (more than 1 week) MASSIVE IT VIRUS/MALWARE OUTBREAK (Yellow Alert, Owner: TBC) Staff cannot use corporate computers or operations are severely degraded. ● Contain virus/malware and block communications ● Draft & Update Communications – CTO within 1 hour ● Ensure IT complies with client notification requirements ● Final Communications approval & media handling– PR – within 2 hours ● Ascertain impacted services and/or data Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 35 of 50 Assessment of Situation Recovery Strategy Core Responsibilities & Lead ● Invoke IT Service Continuity Plan for any irrecoverable critical services, see Appendix 11 ● Overall Management of the incident & Restoration of services – CTO. ● Restore data from backup if required ● Resolve individual user access issues PANDEMIC EVENT - 50% (Yellow Alert, Owner: TBC) As a result of a pandemic only 50% of the normal staff in business unit has reported to work, and it appears this may be the situation for the next several weeks until the full extent of this influenza outbreak is known ● Issue communication to clients and Pearson UK personnel informing them of the situation ● Normal cover at centres is insufficient to cover day to day operations ● Issue continuing communications to students, clients, Pearson UK personnel at least once per day. ● Inability to cover all scheduled classroom training ● PR keep in contact with health authorities ● Inability to predict the number of students that may turn up for classes ● CMT identifies critical functions and processes that must continue on the day of the incident, regardless of the situation, and specifies how Pearson will continue with such functions and processes or Industrial action involving over 25% of employees Communication ● VP or Ops Manager UK: Follow the 60 minute rule ● Draft & Update Communications –HR (internal) PR (external) within 1 hour ● Final Communications approval & media handling– PR – within 2 hours ● Overall Management of the incident & Restoration of services – Full CMT. Operational decisions ● CMT identifies the critical functions and processes that must be maintained for the rest of the week Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 36 of 50 Assessment of Situation Recovery Strategy Core Responsibilities & Lead ● CMT identifies what level of staffing is required to maintain those processes and functions for the next week, and 2-6 weeks ● CMT identifies closure candidates at location for 1 day ● CMT identifies functions that can be performed from home ● CMT identifies alternatives to delivery of products and services (Live Online for classroom tuition) ● HR communicates temporary office/work locations to management. ● Management communicates plan to Pearson UK personnel. Recovery Plan ● Restore key services at centre once the pandemic event has been downgraded to allow “normal” or reduced services ● All non-teaching staff to work from home ● IT will allocate VPN access to all staff working from home SYSTEMS ARE NOT AVAILABLE (Yellow Alert, Owner: TBC) Due to prolonged loss of power or internet access, severely limiting staff, client and student access to systems. Communication ● VP or Ops Manager UK: Follow the 60 minute rule ● Draft and Update Communications – CTO within 1 hour Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 37 of 50 Assessment of Situation Recovery Strategy Core Responsibilities & Lead ● Issue communication to clients and personnel, informing them of current situation and steps being taken to resolve ● Final Communications approval & media handling– PR – within 2 hours ● Issue initial and subsequent communications to clients, critical suppliers and vendors informing them of situation and expected recovery timeframe ● Overall Management of the incident & restoration of services – CTO. ● CMT advisory Recovery Plan ● Decide service by service to invoke IT service continuity plan (Appendix 11) or wait for service restore ● Invoke disaster recovery plan for power PANDEMIC EVENT - HEAD OFFICE (Yellow Alert, Owner: TBC) Pandemic occurs resulting in the closure of Pearson UK Head Office (Executive, including HR, Finance, IT, Legal) or Manchester Universal Sq (Student call centre/Client service/Marketing/Vocational) – as advised by Government or Pearson. Communication ● VP or Ops Manager UK: Follow the 60 minute rule ● Issue communication to clients and Pearson UK personnel ● Issue continuing communications to personnel Temporary Work Location ● Draft and Update Communications –HR (internal) PR (external) within 1 hour ● Final Communications approval & media handling– PR – within 2 hours ● Overall Management of the incident and Restoration of services – Operations and delivery teams. ● CMT identifies temporary office/work locations or advises everyone to work from home Disaster Recovery Plan ● Divert telephone numbers to alternative locations or home working Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 38 of 50 Assessment of Situation Recovery Strategy Core Responsibilities & Lead ● All key systems are accessible from other offices or home locations via the intranet; IT will allocate VPN access to all staff working from home PEARSON UK BUILDING PARTIALLY DISABLED (No Alert, Owner: tbc) Some portion of a Pearson UK building is unusable due to flood or other cause; systems are still available. Communication ● Issue communications to centre personnel ● Inform clients of any changes in method of communication. ● Draft and Update Communications – Director of Operations within 1 hour ● Final Communications approval & media handling– PR – within 2 hours ● Move personnel to other part of building. ● Overall Management of the incident & restoration of services – CTO/Director of Operations/property/HR. ● Purchase replacement equipment. ● CMT advisory Disaster Recovery Plan ● If computer equipment is affected, IT will replenish from spare stock. UNAUTHORISED ACCESS TO OR THEFT OF CRITICAL EQUIPMENT (Yellow Alert, Owner: tbc) Various equipment is missing which will compromise operations or result in data loss or compromise relating to student, clients or other confidential Pearson information or Commercial espionage Communication ● VP or Ops Manager UK: Follow the 60 minute rule ● Contact law enforcement to report theft ● Ensure clients and students are notified in accordance with reporting requirements ● Draft and Update Communications – Director of Operations within 1 hour ● Final Communications approval & media handling– PR – within 2 hours ● Overall Management of the incident and Restoration of services – CTO/Operations. ● CMT advisory Disaster Recovery Plan Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 39 of 50 Assessment of Situation Recovery Strategy Core Responsibilities & Lead ● Order replacement equipment for individuals and servers affected ● Invoke IT Service Continuity Plan to restore data (if servers or IT equipment is missing) ● If the missing servers house client data, issue communication to clients informing them of situation and expected recovery timeframe PHONE SYSTEMS UNAVAILABLE (Yellow Alert, Owner: tbc) Due to a chronic hardware or services failure which will result in the replacement of telecommunications hardware and services. Communication ● Issue initial and ongoing communication to clients and Pearson UK personnel, informing them of current situation and steps being taken to resolve. ● Draft and Update Communications – CTO within 1 hour ● Final Communications approval & media handling– Director of Operations – within 2 hours Disaster Recovery Plan ● Overall Management of the incident and Restoration of services – CTO. ● Phone switch replacement will be obtained. ● CMT advisory ● Reroute phone numbers. SIMULTANEOUS LOSS/RESIGNATION OF KEY STAFF (Alert type tbc, Owner: Victoria Hayden) Due to death or dismissal of key staff Communication ● ● Agreement with SVP BTEC & Apps on secondment support if VP- then via interim Overall management of the incident and restoration of services – HR. ● Communication with learners/key clients impacted by local managers with centrally agreed script Action Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 40 of 50 Assessment of Situation Recovery Strategy Core Responsibilities & Lead ● Stepping up. managers expected to step up into role on interim basis ● Recruiting temporary or contract staff on interim basis IT NETWORK FAILURE (No Alert, Owner: TBC) Loss of IT services at a number of locations Communication ● Issue communication to clients and Pearson UK personnel informing them of the situation ● Issue continuing communications to students, clients, Pearson UK personnel at least once per day ● HR communicates temporary work locations to management ● Draft & Update Communications – CTO within 1 hour ● Final Communications approval & media handling– PR – within 2 hours ● Overall Management of the incident & Restoration of services – CTO/Director of Operations/property/HR. ● Full CMT involvement ● Management communicates plan to Pearson UK personnel Temporary Work Location ● CMT identifies temporary office/work locations or advises everyone to work from home ● All non-operational Pearson UK staff advised to work from home until network is restored Disaster Recovery Plan ● Divert telephone numbers to alternative locations ● Alternative technology considered e.g. 4G routers Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 41 of 50 Assessment of Situation Recovery Strategy Core Responsibilities & Lead ● All key systems are accessible from other offices or home locations; IT will allocate VPN access to critical staff working from home ● Reschedule Computer-Based exams which can be sat at any time when the network is available ● Identify and source alternative locations for any fixed date CBE exams Permanent Work Location ● CMT identifies new permanent work locations ● IT will prepare building ● Property team will obtain cubicles, furniture, and supplies for new centre STAFF ABSENCE DUE TO SEVERE WEATHER OR TRANSPORT ISSUES (Alert type tbc, Owner: tbc) TBC TBC ● Overall Management of the incident and Restoration of services –Operations. VIOLENCE AGAINST STAFF (Alert type tbc, Owner: tbc) TBC TBC ● Overall Management of the incident and Restoration of services – HR. LOSS OF ELECTRONIC RECORDS (Alert type tbc, Owner: tbc) TBC TBC ● Overall Management of the incident and Restoration of services – Operations. FRAUD, SABOTAGE OR MALICIOUS ACT (Alert type tbc, Owner: tbc) Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 42 of 50 Assessment of Situation Recovery Strategy Core Responsibilities & Lead TBC TBC ● Overall Management of the incident and Restoration of services –HR. Appendix 7 – Business Process and Location Risk Assessment Location BU Primary products and services (besides customer service) Critical business functions (besides Training) Systems used (besides Google) Backups/alternatives London, 80 Strand Financial Finance CBE suite One Drive Head Office HR Business development MyPearson London, One90 High Holborn HR, Legal and PR, Executive Salesforce Property management NEO Finance Fusion FM and LPD Lighthouse Manchester FM customer service Appendix 8 – Alternate Site Information Centre First choice relocation London 80 Strand London, One90 High Holborn All Military Locations One90 High Holborn - if not allocated by Authority All Civilian Locations One90 High Holborn if not allocated by client Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 43 of 50 Appendix 9 – Building Contacts - Internal and External PERSONAL CONTACT INFORMATION WITHIN THIS APPENDIX SECTION MUST BE REMOVED FOR EXTERNAL DOCUMENT DISTRIBUTION EXAMPLES Pearson Office location Pearson Office address and normal number Pearson Analogue Number Landlord or Agent name People to contact at the landlord/agent Phone and email, work and emergency Appendix 10 - Pearson UK Insurance Cover PERSONAL CONTACT INFORMATION WITHIN THIS APPENDIX SECTION MUST BE REMOVED FOR EXTERNAL DOCUMENT DISTRIBUTION All details on insurance covers are location on Neo. Main point of contact is Mike McHale. Appendix 11 - Pearson UK IT Service Continuity Plan The ‘Pearson UK IT Service Continuity Plan’ is located in the relevant IT Security & Compliance folder on https://neo.pearson.com/docs/DOC-710436 Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 44 of 50 Appendix 12 – Incident Management - BC Escalation Chart Local Management / Helpdesk Channel CMT Member (Potential BC event) CMT (BC event declared) General Incident Potential BC Incident BC Incident ↓ ↓ ↓ Terrorist attack or threat affecting the transport network or office locations • Government threat levels escalated to "CRITICAL" impacting 1 Pearson location • Government threat levels escalated to "CRITICAL" impacting > 1 Pearson locations Simultaneous resignation or loss of key staff • Planned departure of one or more SMT members • Unplanned departure of one or more SMT members Cyber security event e.g. malware, data breach • Minor impact on data / IT systems fully operable / recoverable • Some impact on data / IT systems (partially inoperable / recoverable) • Major impact on data / IT systems (inoperable / irrecoverable) • No sensitive data compromised • Sensitive data could be compromised • Sensitive data is compromised • Not a key date • Key date • Key date • Not expected to exceed 15 minutes • Not expected to exceed 60 minutes • Expected to exceed 60 minutes • Single training location • Any critical service location or multiple training locations • All locations impacted Step 1. What is the severity level of the incident in progress? Critical IT applications failure Telephony failure • Incident occurring within areas of Pearson premises or military establishment where PTQ learners and staff present Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 45 of 50 IT network failure • Single training location • Any critical service location or multiple training locations • All locations impacted Primary Data centre destroyed or disabled causing outage • Non-key date • Key date • Key date • Disruption not expected to exceed 15 minutes • Disruption not expected to exceed 60 minutes • Disruption expected to exceed 60 minutes Google Apps outage • Disruption not expected to exceed 15 minutes • Disruption not expected to exceed 60 minutes • Disruption expected to exceed 60 minutes Theft or criminal damage • Isolated incident • Critical property damage (see "Denial of premises") Significant staff absence due to severe weather or transport issues • Advance warning or notice of disruption with provisions for planning workarounds • No advance warning or notice of disruption given with no provisions for workarounds Violence against staff • Isolated incident • Multiple incidents • Incident resulting in: Minor injury, Non-reportable injury, Reportable injury • Incident resulting in: Major injury, Single, or multiple fatalities Loss of electronic records • Data is fully recoverable and there has been no data breach • Data is partially recoverable or there has been a minor data breach • Data is unrecoverable or there has been a major data breach Denial of premises • Single training location • One or more teaching locations or base of one the central support teams when unsure of length of time • One or more teaching locations or base of one of the central support teams for long periods of time • Incident impacting key staff and/or students Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 46 of 50 Infectious disease outbreak • Isolated incident • Multiple incidents • Incident resulting in: Minor injury, Non-reportable injury, Reportable injury • Incident resulting in: Major injury, Single, or multiple fatalities Fraud, sabotage or other malicious acts • Source established and resolution manageable with no / minor disruption • Source unknown Fire or flood • Single location, staff unhurt • Single location, potential minor staff injury • Single location, significant risk to staff • Multiple locations, no staff injury • Multiple locations, no staff injury Serious injury to, or death of, staff whilst in the offices Loss of paper records • Incident impacting key staff and/or students • Minor injury • Major injury • Reportable and/or non-reportable injuries • Single or multiple fatalities • Electronic / hard copy backups are available and there has been no data breach • Electronic / hard copy backups are partially available or there has been a minor data breach • Electronic / hard copy backups are unavailable (and critical to business operations or regulatory requirements) or there has been a major data breach Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 47 of 50 Step 2. What is the severity level of the business impact? General Incident Potential-BC Incident BC Incident ↓ ↓ ↓ • Compromises the provisioning of one or more non-key Value Streams or or • Incident occurs outside of key calendar date(s) in the year • Potential impact to key calendar date(s) in the year or • Incident unlikely to persist beyond acceptable tolerance levels Step 3. What is the highest severity level identified from Steps 1 & 2? Step 4. Escalate to -> • Potential compromise to the provisioning of one or more key Value Streams or • Incident potential to persist beyond acceptable tolerance levels • Compromises the provisioning of one or more key Value Streams or • Known impact to key calendar date(s) in the year or • Incident known to persist beyond acceptable tolerance levels General Incident Potential-BC Incident BC Incident ↓ ↓ ↓ Local Management / Helpdesk Channel CMT Member CMT Leader (via CMT Member) Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 48 of 50 Appendix 13 – Pearson UK Incident Report Template Pearson UK Incident Report Status Open - In Progress / Open - Post Incident / Resolved Reported by (Name, Position) Date/Time Reported Reported to (Name, Position) Incident Start Date/Time Incident Location(s) Incident Type Red/Yellow Alert? Business Continuity Incident? Yes / No Incident Description Business Impact Action Plan Link to action plan containing actions & decisions here. Resolution Root Cause Remediation / Recommendations Complete test plan/report for the event and place link here. Status Incident Resolved. Date Closed Pearson TQ Business Continuity Plan Author: Garrie Owens Approver: PTQ VP, Martyn Leader DCL3 Confidential Version 2.0 October 2021 Page 49 of 50