Contents
1. Introduction
2. Our promise to you
3. Risk assessment and preparedness
4. Data backup and recovery
5. Communication plan
6. Remote work capabilities
7. Disaster recovery procedures
8. Regular testing and continuous improvement
9. Declaration
1. Introduction
At That Little Agency (TLA), we understand that our clients rely on us to deliver consistent, reliable services. We are committed to maintaining operations and protecting client data, even in the face of unexpected events. Our Business Continuity and Disaster Recovery Plan is designed to ensure that we can respond swiftly, minimise disruption, and recover quickly from any incident.
2. Our promise to you
Resilience and reliability are at the heart of the TLA business. No matter the challenge, we are prepared to maintain operations and protect your interests. If you would like more information about our Business Continuity and Disaster Recovery Plan, please contact us at data@www.thatlittleagency.co.uk.
3. Risk assessment and preparedness
We regularly assess potential risks that could impact our operations, including:
- Cybersecurity threats (e.g., data breaches, ransomware)
- Hardware failures or technical outages
- Natural disasters (e.g., fires, floods, severe weather)
- Power or internet disruptions
- Key personnel unavailability
For each risk, we have predefined mitigation strategies and recovery procedures in place to maintain business continuity.
4. Data backup and recovery
Daily backups
All critical business and client data is automatically backed up daily.
Secure storage
Backups are encrypted and stored securely both on-site and in reputable cloud environments.
Recovery assurance
In the event of data loss, we can restore essential systems and client data rapidly, ensuring minimal downtime.
5. Communication plan
Clear, timely communication is essential in a crisis.
Client notifications
In case of a significant disruption, we will notify affected clients promptly, providing updates and expected timelines.
Multiple channels
Communication is maintained via email, phone, and our website to ensure clients can reach us and stay informed.
Designated contact person
A dedicated team member is responsible for managing all communications during an incident.
6. Remote work capabilities
Our team is fully equipped to work remotely, ensuring seamless service delivery.
Cloud-based tools
Core business functions are powered by secure, cloud-based solutions accessible from anywhere.
Secure access
Remote connections are safeguarded with VPNs, MFA, and encrypted communications.
Business-as-usual
Clients can expect the same high level of service, regardless of physical office disruptions.
7. Disaster recovery procedures
In the event of a major incident, our structured disaster recovery process ensures swift recovery.
Incident detection
Immediate identification and assessment of the issue.
Containment and mitigation
Quick steps are taken to contain damage and secure data.
Data restoration
Restoration of data and systems from backups.
Testing and validation
Verification of system integrity before resuming operations.
Post-incident review
Analysis of root causes and implementation of improvements to prevent recurrence.
Recovery time objective (RTO)
Our goal is to restore essential services within 7.5 hours.
Recovery point objective (RPO)
We aim to ensure that no more than 7.5 hours of data is lost in the event of failure.
8. Regular testing and continuous improvement
Annual testing
We regularly test our backup systems and disaster recovery procedures to ensure readiness.
Policy review
Our Business Continuity and Disaster Recovery Plan is reviewed and updated annually or following significant incidents.
Employee training
All team members are trained on their roles and responsibilities within the plan.
9. Declaration
This statement was last reviewed, updated and approved on 31st January 2025.
