Business Continuity Management Policy

Internal recovery time and recovery point objectives (RTO/RPO) are defined in operational documents and reviewed with leadership. This page sets out management policy; it does not guarantee uninterrupted service.

1. Purpose

PayBitt Technologies Limited (“PayBitt”) maintains capabilities to continue critical services during disruptions and to recover them within acceptable timeframes. This policy aligns with good practice in ISO 22301 (Security and resilience — Business continuity management systems) as a reference framework, without implying certification unless separately published.

2. Scope

Applies to payment platform APIs, merchant dashboards, administrative tooling, databases, integrations with banking and VAS partners, and supporting infrastructure. It covers natural disasters, technology failures, cyber incidents, supplier outages, and workforce unavailability that materially affect these services.

3. Governance

Leadership assigns accountability for business continuity. Engineering and operations maintain playbooks, escalation paths, and contact trees. Material decisions during major incidents are coordinated through a designated incident commander or equivalent role.

4. Business impact analysis

We identify critical business functions, dependencies (internal and third party), and tolerable outage windows. Findings inform investment in redundancy, monitoring, and contingency arrangements.

5. Incident & crisis management

Incidents are classified by severity. Activation thresholds trigger standing response procedures: situation assessment, stakeholder notification internally, customer communications where appropriate, coordination with partners (banks, PSPs, cloud), and regulatory notification when legally required.

6. Recovery strategies

• Geographically distributed or redundant infrastructure where technically and cost-justified.
• Automated scaling and health checks for critical services.
• Backup and restoration procedures for databases and configuration.
• Documented failover or degraded-mode operation where applicable.

7. Communications

During prolonged outages, PayBitt will communicate through official channels (status page, merchant dashboard notices, and support contacts as available). We avoid speculative timelines and update as facts change.

8. Testing & exercises

Tabletop exercises, restore tests, or failover drills are conducted on a planned schedule. Lessons learned are tracked and remediated.

9. Third-party continuity

Material vendors must provide reasonable assurances of their own continuity posture where contractually required. We maintain awareness of key supplier status pages and escalation contacts.

10. Training & awareness

Personnel with continuity responsibilities receive orientation on this policy and relevant runbooks.

11. Review

This policy is reviewed at least annually and after major incidents.

12. Contact

Operations & security: security@paybitt.com · Customer support: see Support