🔁 Business Resilience Policy

1. Purpose

This document defines Nemu Inc.’s approach to ensuring continuity of critical services in the face of disruptions.

2. Scope

Includes:

• Customer-facing applications hosted on Render.
• Data stored in Supabase.
• Essential collaboration tools such as Google Workspace.

3. Resilience Strategy

Nemu Inc.’s strategy includes:

• Reliance on highly available CSPs for core infrastructure.
• Use of multiple environments (e.g., staging and production) for controlled deployments.
• Backup and recovery capabilities provided by Supabase and Render.

4. Roles and Responsibilities

• Business Resilience Owner (often Security or Operations Lead):
  • Maintains this policy and related procedures.
• Engineering:
  • Ensures deployment practices and architectures support recoverability.
• Leadership:
  • Prioritizes resources and decision-making during major incidents.

5. Management Reporting

Resilience and incident-related topics may be reported to leadership through:

• Incident post-mortems.
• Periodic risk or operations reviews.
• Customer-impact summaries when applicable.

6. Audit Evidence

• Copies of this policy and related BCDR procedures.
• Architecture overview highlighting resilience considerations.
• Sample incident reviews focusing on resilience lessons learned.

7 Business Continuity Procedures

• Defined roles and responsibilities during continuity events
• Step-by-step recovery procedures for critical systems
• Communication plans for internal and external stakeholders
• Dependencies on CSPs and third‑party services
• Testing guidelines and lessons‑learned integration

These procedures are maintained in a version-controlled repository to ensure continual updates, full change history, and auditable governance.

8. Compliance Mapping

• SOC 2: CC3.2, CC7.3
• ISO 27001:2013: A.17.1.1

Contact: support@mynemu.com
© 2025 Nemu Inc.. All rights reserved.