Governance & Business Continuity Framework

Define, formalize, and maintain the Business Continuity Policy aligned with Payment Services' strategic objectives, stakeholder expectations (particularly SaaS clients), and applicable standards/regulatory requirements.
Establish the methodological framework for the continuity program, including planning, roles/responsibilities, plan lifecycle, documentation, and review process.
Implement effective governance, including committees, key roles, and validation/escalation processes.
Maintain ISO 22301 certification and extend the Business Continuity Management System (BCMS) framework to new Payment Services perimeters.

Business Impact Analysis & Risk Assessment

Lead and regularly update Business Impact Analyses (BIA) to identify critical processes, dependencies (e.g., human resources, IT, providers), and acceptable recovery times (RTO/RPO).
Conduct Business Continuity Risk Assessments to evaluate internal/external threats that could disrupt operations.
Identify risk mitigation measures and propose actionable plans to address identified risks.

Development & Maintenance of Continuity Plans

Design, formalize, and keep updated Business Continuity Plans (BCP), IT Disaster Recovery Plans (DRP), and crisis management procedures (e.g., emergency plans, crisis cells).
Integrate critical providers and suppliers into the continuity strategy to ensure complete alignment across the business.
Ensure alignment between business plans, IT plans, and contractual/SLA commitments with service providers and clients.

Testing, Exercises & Validation

Develop a multi-year continuity testing plan, including failover tests, crisis simulations, recovery drills, and documentation reviews.
Lead the execution of tests by defining scenarios, coordinating with business/IT teams, supervising, evaluating, and reporting outcomes.
Draft reports, analyze lessons learned, identify gaps, and follow up on corrective actions.
Report results to steering committees, top management, and regulatory authorities as required.

Crisis Coordination

Contribute to activating crisis management procedures during major incidents and ensure coordination with the crisis unit (e.g., documentation, decision logs, action follow-ups).
Ensure emergency contacts, escalation procedures, and crisis communication tools are regularly updated.
Monitor incident resolution and ensure the return to normal operations according to predefined plans.

Client Relationship Management

Ensure client continuity requirements (plans, service levels, recovery times) are addressed and met.
Lead discovery workshops with clients to capture and formalize non-functional continuity requirements.
Coordinate with project, business, and technical teams to ensure client requirements are integrated into the project lifecycle and validated before go-live.

Awareness, Training & Resilience Culture

Develop and deliver awareness sessions on business continuity for employees across the organization.
Train key stakeholders (plan owners, crisis team members, technical teams) on their roles and responsibilities in crisis scenarios.
Promote a culture of organizational resilience within the company.

Third-Party & External Dependency Management

Ensure that critical suppliers have adequate and tested continuity plans in place.
Integrate continuity requirements into RFPs, contracts, and SLAs.
Conduct or coordinate vendor continuity assessments to ensure alignment with continuity strategies.

Monitoring, Audit & Continuous Improvement

Define and monitor KPIs/KRIs for the continuity program and report regularly to management and governance committees.
Contribute to internal/external audits and regulatory inspections and respond to compliance requests.
Drive continuous improvement initiatives based on results from tests, incidents, and audits.

Business Continuity & Resilience Manager