Reference Document: ISO22301

Version Number: 1.0

Release Date: May - 2024

1. General:

Najran University adopts its responsibility towards protecting its assets, ensuring the continuity of its operational processes, and providing services at a high level of quality, in order to maintain the interests of all its stakeholders. These efforts fall within Saudi Arabia's Vision 2030 for digital transformation and improving electronic services, which the university seeks to implement through developing a feasible plan to ensure the continuity and recovery of electronic services in case of disasters.

Najran University is committed to supporting efforts to monitor and restore operations in alternative facilities in the event of unexpected disruptions. The University and its senior administrations are working to develop and maintain an effective business continuity and recovery plan that aligns with ethical and regulatory standards, and with its strategic and tactical objectives.

This plan aims to enhance the University’s philosophy of providing high-quality services to its students, faculty, and staff, and ensuring the provision of a distinguished electronic environment that supports the educational and administrative processes in an integrated manner.

The Digital Transformation Office and Knowledge Sources were established to manage technical operations and electronic services within the University, and their vision is to enable Najran University to achieve leadership in the field of electronic services through the creation of an integrated and distinguished IT environment.

وتتجلى رسالة العمادة في تحسين الخدمات المقدمة وتوفير بيئة إلكترونية ذات جودة عالية، مدعومة بتقنيات المعلومات والاتصالات، وفقاً لاستراتيجيات المملكة العربية السعودية في تعزيز مفهوم الحكومة الإلكترونية.

The primary objectives of the Digital Transformation Deanship and knowledge sources are:

  • Adopt best global practices and use information systems and information technology tools to increase administrative efficiency and improve organization, in addition to contributing to the goals of e-government.
  • Enhancing the use of information technologies to support policies, operations, and procedures that increase accountability, transparency, and responsibility across all university departments.
  • Developing IT infrastructure and technical tools to support faculty members in improving educational quality and research development.
  • Enhancing infrastructure and developing information technology tools to support and motivate students to achieve academic success.

      • 2. Goal:

      The Business Continuity Management System Policy of the Digital Transformation Office and Knowledge Sources - Najran University aims to ensure the Office’s ability to continue its critical activities during emergencies, crises, disasters, or due to sudden business interruptions.

      Also aims to reduce downtime to an acceptable level for performance, through the adoption of a flexible framework for implementing the system, while ensuring compliance with all legal, regulatory, contractual, and ethical requirements.

      The application’s system is based on a framework approved by senior management, compliant with the requirements and standards of ISO 22301:2019.

      3. Core Services of the Institution:

      With reference to the service catalog provided by the Deanery.

      4. The Scope:

      The system applies to all services provided by the Deanship and those listed in the service catalog, according to the established organizational structure at the time.

      5. Restrictions and Exceptions:

      There is none.

      6. Business Continuity Management System Objectives:

      • Design and development of a system to ensure business continuity and disaster recovery, and to build capabilities and resilience to ensure the continuity of critical activities.
    • Providing the appropriate and necessary resources to establish, document, implement, review, and improve the system.
    • Commitment to providing the necessary training and guidance to ensure business continuity management readiness.
    • Efficiently manage and respond to incidents to minimize impact on resources, operations, and infrastructure.

      • 7. Risk Levels:

      7.1 Risk Level:

      Defined according to the methodology outlined in the standard ISO 22301:2019 and the approved risk register.

      7.2 Acceptable Risk Level:

      As defined in the Risk Register and the approved Assessment Methodology.

      8. Roles and Responsibilities:

      With reference to the administrative decision issued by the Dean’s Delegate for Digital Transformation regarding the formation of the Business Continuity and Risk Committee.

      9. Capabilities:

      The College is committed to supporting the System Manager by providing the competencies, training, and resources necessary.

      10. Tests and Exercises:

      Implemented based on a decision by the Business Continuity Committee approved by senior management.

      11. Documentation:

      Documentation responsibility falls on the System Manager and Continuity Representatives, with periodic review and continuous improvement to ensure system effectiveness.