1. Business Continuity Plan
04/12/2016
REPORT
BCM xeosolutions
Printed On:

2. Organization Info
Name BCM xeosolutions
Scope This document contains the Business Continuity plan for the resolutions. it's the document
containing the informationrequired to post-interruption decision-making and also the agency’s
response to any unquiet or extended interruption of the organization's traditional operations and
services.
This document represents the xeosolutions commitment to response, resumption, recovery, and
restoration coming up with. This plan should be kept current to make sure the accuracy of its
contents. Every individual answerable for data or materials within the document should make sure
that resources area unit committed to the maintenance of its contents.
The xeosolutions Business Continuity Plan is intended to provide a framework for constructing plans
to ensure the safety of employees, volunteers and consumers (clients) and the resumption of time-
sensitive operations and services in the event of an emergency (fire, power or communica-tions
blackout, tornado, hurricane, flood, earthquake, civil disturbance, etc,) disaster, or other business
interruption.
The general objectives of the Plan are to ensure that in the event of an incident or crisis situation:
• There will be a logical recovery of the business
• Impacts will be kept within acceptable levels as defined by the business department
representatives
• Business will continue as usual, as far as possible
The Plan will address the following planning priorities:
• Staff health & safety
• Safeguarding of assets
• Continuity of key business activities
• Protecting the Environment
• Fulfilling obligations
Policy It is the policy of xeosolutions to: -
• Maintain a strategy for reacting to, and recovering from, adverse situations which is in line
with senior management’s level of acceptable risk
• Maintain a programme of activity which ensures the company has the ability to react
appropriately to, and recover from, adverse situations in line with the business continuity
objective
• Maintain appropriate response plans underpinned by a clear escalation process
• Exercise response and recovery plans at least annually
• Maintain a level of resilience to operational failure in line with the risk faced, the level of
negative impact which could result from failure and senior management’s level of acceptable
risk
• Maintain employee awareness of the company’s expectations of them during an emergency
or business continuity threatening situation
• Take account of changing business needs and ensure that the response plans and business
continuity strategy are revised where necessary
• Remain aligned with best practice in business continuity management
Business Entity Info
Name xeosolutions
Description Xeo Solutions IT Leasding Company
Address House No.41 Bella Road G-10/1 Islamabad
Telephone +92 333 5364904
E-mail hashmisaf@outlook.com
Website www.xeosolutions.com
04/12/2016
1 / 8
Business Continuity Plan
BCM xeosolutions

3. Regulatory Info xeosolutions. Is a ISO/IEC 27000 Series (Formerly BS 7799/ISO 17799 certified organization and
operated under the guidelines of BS 779. Further, xeosolutions operates under the laws set forth by
the Pakistani Government, including its consumer data protection act and Privacy Acts.
Said Orginization strictly follow these statndards,
• ISO/IEC 27000 Series (Formerly BS 7799/ISO 17799)
• COBIT 4.X
• ISO 9000
• NIST SP 800
Roles And
Responsibilities
For the business continuity of xeosolutions Co., the BCMT provides general support and is
concerned with resources and tasks integral to running the specific functional area.
CEO Manages and directs the recovery effort.
Customer Service Manager. Provides support of critical business functions affected by the disaster.
Information Technology Manager. Coordinates all data processing and telecommunications systems
recovery, including operational restoration of Building O&S and operations at the designated hot
site.
Vice President for Marketing Provides for support of critical business functions affected by the
disaster.
Lead Programmer Provides support of critical business functions affected by the disaster.
1. Managment
(1) Manges and directs the recovery direction.
(2) Provide training for work force
(3) Receives and processes complaints
(4) Processes individual rights requests
2. Employee responsibilities
(1) Understand and comply with organization’s policies regarding BCP/
04/12/2016
2 / 8
Business Continuity Plan
BCM xeosolutions

4. Stakeholders
Stakeholder Normal Expectations Expectations During Disruption Ranking
Muhmmad Bilal Ms. Bilal is responsible for the marketing
and public relations department at
xeosolutions
Communicate all the task and ativies of
recovery process to thepersonal aspects of
the situations includeing (Top
Managment,) initiate emergency alerts .
None
Muhammad Haris Mr. Haris is lead programmer and project
manager at xeosolutions
He is responsible to make sure all the
backup must be available . and Perform
the recover operation along with hist team.
None
Safwan Hashmi Mr. Safwan Hashmi serves as the CEO
of xeosolutions . He is responsible for the
entire operations of the organization.
As Business Continuity Management
Team Co-facilitator, gives contact between
the operational and administration groups.
Additionally in charge of progressing
support, preparing and testing of the
Business Continuity Plan. Facilitates the
Institute Support Teams under the
sponsorship of the Business Continuity
Management Team.
Critical
Ziad Tufail Mr. Ziad is responsible for the overall
operations of the customer support
management department
Provides for managesupport team that
provide the clients during the disaster and
recovery operations with primary
responsibility for restoration.
None
Local Emergency
Response Team
Ensure the saftey and well being of the
community.
Provide disaster response and emergency
response services to people and assets in
danger durring a disruption.
Critical
Assurance
Insurance Agent
Provide insurance based support
throughout normal operations.
Provide insurance based support
throughout normal operations.
None
Associated Risk Treatment
Risk Treatment xeosolutions
04/12/2016
3 / 8
Business Continuity Plan
BCM xeosolutions

5. Resource Description Division/Department
PHP Web Server PHP Web Server
These server contain , website and database of
cleint , which key business of orginization.
IT
Areas Of Impact Minimum Service Level
Hosting and Domain Ability to access
programming data remotely
from an alternate machine.
Impact Analysis
Assessment Date Review Date Signed Off By
01/12/2016 04/01/2017 Safwan Hashmi
Resources
Resource Description Division/Department
Office Headquarters Building is an imporant resource where servers
are plasece and people can work on software
/Web Application.
Areas Of Impact Minimum Service Level
In the case of a discruption or disaster effecting the physical buildings of xeosolutions ., all
aspects of the business would fall under the areas of impact.
The ability to remotely
access all vital information
for business processes from
another site.
Impact Analysis
Assessment Date Review Date Signed Off By
01/12/2016 01/12/2016 Safwan Hashmi
Resources
Resource Description Division/Department
Server - Customer Information Customer Information is always a very sensitiv
information to an orginization. Loss of these
server result in oraginization reputation loss
and alos have bear the plenties set by the
governing bodies.
Sales
Areas Of Impact Minimum Service Level
Impact Analysis
Assessment Date Review Date Signed Off By
07/12/2016 09/12/2016 Ziad Tufail
Resources
04/12/2016
4 / 8
Business Continuity Plan
BCM xeosolutions

6. Resource Description Division/Department
Computer (desktop) - Programmer Progamers workstations are critical resource
for the development of new products, and
Manageing existing application.s
MIS
Areas Of Impact Minimum Service Level
Programming and Development Department. Ability to access
programming data remotely
from an alternate machine.
Impact Analysis
Assessment Date Review Date Signed Off By
01/12/2016 05/12/2016 Safwan Hashmi
Resources
04/12/2016
5 / 8
Business Continuity Plan
BCM xeosolutions

7. Incident Response Recovery
04/12/2016
6 / 8
Business Continuity Plan
BCM xeosolutions

8. Incident Response Description
xeosolutions Business Continuity Plan: General
Disruption Response
xeosolutions increasingly depends on computer-supported information
processing and telecommunications. This dependency will continue to
grow with the trend toward decentralizing information technology to
individual organizations within xeosolutions . administration.
The increasing dependency on computers and telecommunications for
operational support poses the risk that a lengthy loss of these
capabilities could seriously affect the overall performance of the
Company. A risk analysis which was conducted identified several
systems comprising those functions whose loss could cause a major
impact to the Conmpany. This risk assessment process will be repeated
on a regular basis to ensure that changes to our processing and
environment are reflected in recovery planning.
XEOSOLUTIONS administration recognizes the low probability of
severe damage to data processing telecommunications or support
services capabilities that support the Company. Nevertheless, because
of the potential impact to XEOSOLUTIONS., a plan for reducing the risk
of damage from a disaster however unlikely is vital. The Company‘s
Business Continuity Plan is designed to reduce the risk to an
acceptable level by ensuring the restoration of Critical processing.
The Plan identifies the critical functions of XEOSOLUTIONS. and the
resources required to support them. The Plan provides guidelines for
ensuring that needed personnel and resources are available for both
disaster preparation and response and that the proper steps will be
carried out to per Tech Co. the timely restoration of services.
Plan Purpose And Scope
Disruption/Disaster
Response due to
earthquake
The object of this Plan is to restore critical systems within 5 hours, and Essential (Category II)
systems within 2 week(s) of a disaster that disables any functional area and/or essential
equipment supporting the systems or functions in that area.
Plan Purpose And Scope
Web Server Crash The purpose of this plan is recover the web server and make it operation as soon as possible.
Plan Purpose And Scope
Server Hacked Objective this plan is to restore Server operations to normal when it compromise by hackeer.
Plan Purpose And Scope
Power Failure This Purpose of this plan is to make sure that if the power falure is occurected , company must
have the generatore and UPS in order to avoid distruptions
Plans
Associated Threat Description
Natural Disaster - earthquake
Failure of backed up data
Malicious attack - manipulation of IT
equipment
Loss of availability to authorized
users
Malicious attack - manipulation of
data or software
Denial of service
04/12/2016
7 / 8
Business Continuity Plan
BCM xeosolutions

9. Name Description Testing Coordinator
Testing of BCM Testing BCM Plan Safwan Hashmi
Incident Plan Scenario Test Date Frequency
Disruption/Disaster
Response due to
earthquake
Disruption/Disaster Response 14/12/2016 0
Responsible Description
Safwan Hashmi xeosolutions can be disaster due to earthquake , its business can effect. The purpose this
plan to run business during the disaster.
Goals Preparations Participants
The purpose this plan to
test that business can
survive during the
disaster.
BCM Team will create an enviroment of disaster . All the steps will
be carried to out during this even as we defind plan.
Top Managment
Programmers/Lead and
Manager
BCM Team
Markiting Team
Test Plans
Maintenance
04/12/2016
8 / 8
Business Continuity Plan
BCM xeosolutions