<!-- This is the markdown version of https://www.fixinc.io/disciplines/policy-and-framework -->
<!-- Canonical URL: https://www.fixinc.io/disciplines/policy-and-framework -->

# Policy and Framework

> The foundational discipline of Business Continuity programs, establishing governance, responsibilities, and objectives through leadership-endorsed documentation aligned with ISO 22301 standards. 

*This content is available in full at: https://www.fixinc.io/disciplines/policy-and-framework*

Your Business Continuity program is only as strong as its foundation. Policy and Framework sets the tone from the top, clarifying responsibilities, objectives, and how continuity fits into your organisation's DNA. It serves as the charter that response, planning, and training efforts all stem from. When reviewed, signed off, and endorsed by leadership, resilience transforms from a project into a priority.

## Delivery Approach

Fixinc builds Policy and Framework around your actual business rather than using generic templates. The approach aligns with [ISO 22301](https://docs.fixinc.io/service/iso22301.md), integrates executives from day one, and produces documentation that is short, sharp, and actionable. The outcome is a foundation your entire program can stand on.

### Four-Step Process

1. **Plan**: Agile, first-principles planning ensures a smooth rollout of your refreshed program
2. **Do**: Policy and Framework is rolled out smoothly across your organisation
3. **Check**: Your Policy and Framework is validated rather than remaining in draft form
4. **Act**: Your team and Fixinc's team will be ready when your Policy and Framework is activated in real-life situations

## Engagement Process

### Initial Consultation

- A link will be sent via email from the Advisory team
- Choose a convenient time to chat over phone, Teams, Zoom, or in person
- 30-45 minute discussion covering your objectives and how Fixinc operates
- Opportunity for questions and answers

### Proposal and Quote

- Proposal delivered within 24 hours detailing scope of work
- Discussion one week later
- Final quote provided within 10 minutes of discussion for signature
- If not signed within five weeks, the engagement will not proceed

### Delivery Phases

**Review and Health Check**: All Policy and Framework implementations start with a deep review of existing documentation. Benchmarks are set based on best practice and ISO standards.

**Design and Develop**: With appropriate involvement from your team, Fixinc builds the Policy and Framework component of your [Business Continuity](https://docs.fixinc.io/service/business-continuity.md) program to the highest quality available.

**Validate**: Where appropriate, new Policy and Framework is tested and validated. This provides tangible evidence of capability and maturity to stakeholders.

**Maintain**: A plan is built to ensure Policy and Framework runs annually, addressing the primary setback of maintaining momentum in resilience programs.

## Related Business Continuity Disciplines

- [Business Impact Analysis](https://docs.fixinc.io/disciplines/business-impact-analysis.md): Identifies what matters most so you can protect it, prioritise it, and recover quickly
- [Business Continuity Training](https://docs.fixinc.io/disciplines/business-continuity-training.md): Trains teams to understand, own, and act on continuity fundamentals with confidence
- [Business Continuity Plan](https://docs.fixinc.io/disciplines/business-continuity-plan.md): Your playbook for keeping operations running when unexpected disruptions occur
- [Threat Intelligence and Analysis](https://docs.fixinc.io/disciplines/threat-intelligence-and-analysis.md): Delivers actionable insights into potential threats, enabling proactive preparedness
- [Business Continuity Policy and Program Management](https://docs.fixinc.io/disciplines/business-continuity-policy-and-program-management.md): Where business continuity becomes operational through program governance
- [Business Continuity Program Review and Audit](https://docs.fixinc.io/disciplines/business-continuity-program-review-and-audit.md): Determines whether your program actually works as intended
- [Desktop Scenario Exercises](https://docs.fixinc.io/disciplines/desktop-scenario-exercises.md): Brings plans to life through real events, tailored threats, and tough decisions without real-world consequences

## Frequently Asked Questions

**How is Policy and Framework different from traditional approaches?**

Unlike templated models, Policy and Framework work adapts to the client's sector, stakeholders, and risk profile. The approach is hands-on, flexible, and always validated.

**What does the Policy and Framework discipline involve when delivered by Fixinc?**

Policy and Framework at Fixinc is built to be clear, structured, and aligned with the Tungsten Diamond lifecycle. It is tailored to your program maturity and backed by real-world application.

**How do we know when Policy and Framework activity is fully effective?**

Success is validated through exercises, engagement, and outcomes. If your Policy and Framework effort drives action, conversation, and continuous use, it is working.

**What kind of outcomes can we expect from engaging in Policy and Framework?**

Clients typically gain clarity, leadership alignment, and a measurable shift in preparedness through Policy and Framework delivery, regardless of their starting point.

**Does Policy and Framework link to other services or tools offered?**

Yes. Policy and Framework often feeds into other services like planning, validation, or digital tools. It is designed to integrate rather than sit in a silo.

---

**View this page online:** https://www.fixinc.io/disciplines/policy-and-framework

For program inquiries: [Contact Fixinc](https://www.fixinc.io/contact) | info@fixinc.org | +64 800 349 462