BCMS-Policy-Ver 1 0
BCMS-Policy-Ver 1 0
BCMS-Policy-Ver 1 0
1. Introduction ................................................................................................................. 4
1.1 Purpose ......................................................................................................................... 4
2. Scope ............................................................................................................................ 5
3. Scope .............................................................................. Error! Bookmark not defined.
3.1 Personnel ........................................................................ Error! Bookmark not defined.
3.2 Locations......................................................................... Error! Bookmark not defined.
3.3 Compliance with the policy, standards and certificationError! Bookmark not defined.
4. Goals and objectives ...................................................... Error! Bookmark not defined.
5. BCMS policy.................................................................................................................. 6
6. Governance .................................................................................................................. 7
7. Enforcement and violation .......................................................................................... 7
Annexure A – Information Classification Details.................................................................................... 8
Annexure B – Version history (changes since last version).................................................................... 9
1.1 PURPOSE
The purpose of this Business Continuity Management Policy (“BCM Policy”) is to ensure that the products and
services Firstsource Solutions Limited and all its global subsidiaries (collectively “Firstsource”) provides continue
to be delivered to our customers at contractually agreed levels during operational disruption and are in line with
ISO 22301 standards. Firstsource, through this policy, will support its corporate strategy of meeting
organizational objectives through continued delivery of operations as committed to its Clients.
Firstsource’s growth is built on the trust that its clients and business communities have placed Firstsource’s best
practices. It is therefore necessary that Firstsource’s services and infrastructure are capable of effectively
sustaining any eventualities occurring due to actual or potential threats (both internal and external) that are
likely to have an adverse impact on business as usual.
Firstsource is committed through this policy to proactively:
a. Plan, establish, implement, operate, monitor, review, maintain and continually improve on its BCM
framework and commit to satisfy applicable requirements in line with ISO 22301:2019 standard framework,
by having a process driven and documented Business Continuity Management System (BCMS)
b. Ensure the continuity of its prioritized services and/or products including the activities that support them;
c. Meet and continue to manage the expectations of interested parties such as be auditors, Board, Clients or
Vendors as relevant for managing the Business Continuity Program
2. SCOPE
2.1.1 PERSONNEL
All Firstsource staff, contract, vendors, sub-contractors and key interested parties, such as be auditors, Board,
Clients or Vendors as relevant for managing the Business Continuity Program personnel working out of
Firstsource offices across all its locations in India, Philippines, UK, USA and Mexico.
3. SCOPE EXCLUSIONS
All client offices from where Firstsource provides services are excluded from the BCMS scope.
Exclusions from this policy are:
Recovery of client/customer managed infrastructure Firstsource does not have control over client
hosted within Firstsource facilities; managed infrastructure
Operations and recovery managed by client from their Firstsource does not have control over clients site
site;
Processes/sub-processes not having Firstsource Firstsource is not accountable for processes and sub-
Operations accountability; processes that are not included in the scope of work
agreed with its clients;
Merger and Acquisition entities until integration; Firstsource would implement ISO 22301 framework
only after integration
7. COMMUNICATION
FIRSTSOURCE BCM TEAM shall ensure that the BCMS Policy is communicated to all internal staff, third parties
such as vendors, suppliers, contractors, government and regulatory authorities, customers and other external
stakeholders as necessary. The communicating channels would be at the discretion of the BCMS leader (to be
designated in the BCM Process Document) AND can be on emails, townhall meetings, leadership messages,
training, awareness, induction programs, posters, printed media, Intranet etc.
The Business Continuity Steering Committee (BCSC) is responsible for ensuring the enforcement of this policy
across Firstsource operations.
Any activity resulting in non-compliance with this policy would be considered as a violation. Violations to this
policy shall result in disciplinary action, which will be consistent with the severity of the incident as determined
through an investigation. Serious violation may result in major disciplinary actions, including termination of
employment / services / business relationship.
This Business Continuity Policy shall be reviewed when significant changes occur in the organization or at least
on an annual basis.