Business Continuity Policy

PURPOSE

The purpose of this policy is to define Unitrust’s commitment to establishing, implementing, maintaining, and continually improving an effective Business Continuity Management System (BCMS) to protect critical insurance services during disruptive incidents.

SCOPE

This policy applies to all business units, employees, facilities, information assets, and relevant third parties supporting the Company’s insurance operations.

OBJECTIVES

Based on the requirements and factors set out in this document, the following major objectives are set for Business Continuity needs:

• Objective 1 – Ensure continuous availability of critical insurance services and operations in the face of disruptions
• Objective 2 – Build a resilient organization capable of sustaining operations and recovering rapidly from operational, technological, and external disruptions
• Objective 3 – Protect revenue generation and customer service by ensuring resilience and rapid recovery of critical underwriting, claims, and digital platforms
• Objective 4 - Embed business continuity and crisis management capabilities across the organization to support operational excellence and sustainable growth
• Objective 5- Continuously strengthen the organization’s resilience posture through regular testing, review, and improvement of business continuity capabilities at Unitrust is committed to complying with ISO 22301:2019 and all applicable legal, regulatory, and contractual requirements related to business continuity in its services and operations including the following:

• To meet the applicable legal, regulatory, and contractual requirements.
• To Identify and prioritize critical activities through business impact analysis and risk assessment.
• Ensure Implemented business continuity strategies and plans meet defined recovery objectives.
• Provide appropriate resources to support effective business continuity management.
• Test, review, and continually improve business continuity capabilities

COMMITMENT TO CONTINUAL IMPROVEMENT

Unitrust Insurance Co. Ltd. policy regarding Continual Improvement is to:

• Ensure adequate and sustained provision of financial, human, and technological resources required to implement, operate, maintain, test, and continually improve the BCMS, including training, tools, exercises, and management support.
• Continually improve the effectiveness of the BCMS through regular reviews, stakeholder engagement, documented improvement ideas, and management oversight.
• Establish measurable processes and controls, review BCMS metrics annually, and use historical data to support informed management decisions.
• Strengthening relationships with business units, increasing proactivity in BCMS management, and improving stakeholder perception through regular collaboration and communication.
• Obtain ideas for improvement via regular meetings with stakeholders and document them in a Continual Improvement Log.

Non-compliance with this policy could pose significant business risk to Unitrust Insurance Co. Ltd. Therefore, compliance with this policy is mandatory.

If any employee or third-party personnel becomes aware of a disruption, potential disruption, or any incident that could impact on the continuity of business operations, they must report it immediately through the designated business continuity incident reporting channel  (infosec@unitrustinsurance.com)