To ensure this our Business Continuity Management Program includes IT Disaster Recovery (DR) plans. These plans are developed, managed, reviewed and monitored by the Business Continuity Management team and Business Continuity and Disaster Recovery Group. Our disaster recovery solution begins with: • Building robust and resilient infrastructure in every individual data center location • Developing and managing our very own platform • Following best practices and industry standards Our plans are structured to enable the recovery and restoration of our products and services as soon as possible. We evaluate the business continuity capabilities of key vendors and third parties that are supporting prioritized services and products through a supplier assessment procedure managed by the Corporate Security team. Business Continuity Program 6 We have Recovery Point Objectives configured to ensure our time frames enable us to meet our SLAs, obligations, and customer satisfaction. This is achieved through procedures that define backup frequencies for relevant data in line with acceptable data loss parameters. Backup copies are protected with appropriate control mechanisms and recovery testing is periodically conducted to validate the integrity of backed-up information and to verify the duration of the recovery process. The people, processes, and technology necessary to conduct our business are distributed among our sites, with critical business operations conducted at multiple globally diverse locations. The process and protocol are in place to ensure guaranteed service levels to our clients. Crisis Management and Communication Plan Our Crisis management and Communication plan defines the key decision makers during a crisis caused by a disruptive incident, and how those decisions are communicated both internally and externally to all interested parties. The decision-making process is established through an escalation criteria. The plan is developed and provides various communication formats dependent on the incident and designates specific individuals as the only authority for answering questions or providing information to the public regarding our emergency response. It also includes procedures for disseminating reports to personnel on the status of the incident and templates for public press releases.

Crisis management for pandemic

‍Crisis Management Plan for the pandemic provides a recommendation as to what we can do to reduce the impact on pur employees, clients, and overall business. Then plan is advised by the protocols and standards set by the Centers for Disease Control and Prevention(CDC) and the World Health Organization(WHO).

‍

Why is this important?

‍At a time when downtime is unacceptable, business continuity is critical. Our Business Continuity Program considers the risks and threats that could have a major or severe impact on the continuity of business operations even if there may be a very low probability of them happening. For these kinds of situations response and recovery plans are created.

‍

Why is it important for our partners and clients

‍

Our Commitment

‍Our commitment to provide products, solutions and services during any circumstance is fortified by our business continuity plans and arrangements. Business Continuity plans and arrangements are reviewed and exercised annually using a variety of scenarios and exercise types to ensure plans and procedures remain valid, effective and are consistent with our objectives. Training and awareness plans are developed to enhance the competency and awareness of our people with valuable training, support, and development exercises. The Business Continuity Management Program is promoted across the organization at all levels through education and information to facilitate its successful inclusion into normal business processes. Business Continuity Management performance indicators have been developed to help monitor and measure the performance against the requirements set out in Policy and Program. Our management performs an annual review of the program and processes along with inspections from our Internal Audit department in line with their Audit Charter and annual audit plans. Selfassessment, an assessment of the Program by the entire Business Continuity team are conducted annually as well. The reviewed actions are monitored to support continuous improvement. We demonstrate continuous improvement of our Program by ensuring observations and non-conformities identified are progressed to resolution and, where appropriate, reflected in arrangements during reviews.