Red Hat business resilience for customer confidence
Red Hat maintains a comprehensive business resilience program consisting of business continuity, disaster recovery, and critical incident management plans across business functions, sites, and technologies. We have designed our systems and support processes to keep both Red Hat running and our customers and partners supported, secure, and stable when using our products and solutions.
Solving problems together
Red Hat is built on Red Hat® products. In our environment, we run Red Hat core technologies—including Red Hat Enterprise Linux®, Red Hat OpenShift®, and Red Hat Ansible® Automation Platform—in production environments. We are committed to using our products the same ways our customers do: to solve business problems and create new opportunities.
Business Resilience management
We have an established Business Resilience (BR) program consisting of business continuity, disaster recovery, and critical incident management. The program is under the sponsorship of the Chief Financial Officer, Chief Information Officer, and Executive Vice President of Products and Technologies, with executive-level advisory councils representing all business units and technologies. These cross-enterprise advisory councils regularly review business resilience policies, objectives, and progress at least once a year, as well as set the program’s overall strategic direction.
The BR program is supported by full-time, dedicated, certified staff in business continuity, disaster recovery, and critical incident management. It includes provisions stated in our policy for business impact analysis, risk assessment, and the creation of response plans. The program also includes regular training, maintenance, testing, and exercises, as well as updates from lessons learned and management reviews.
Business Resilience management policy
The underlying principle of our BR policies, standards, and guidelines is understanding the risk and impact of any disruption to critical business functions—and establishing the necessary procedures to set up, maintain, and exercise effective resumption plans for those functions, including dependent applications, technology, and suppliers. The policy establishes roles and responsibilities, scope, objectives, and a framework for recovery management, from interruptions to critical business functions.
Business continuity and disaster recovery plans
Critical business functions, processes, and technologies that support both internal and external customers have implemented business continuity and disaster recovery plans so that an interruption to our critical business functions will not significantly impact contracted service levels.
Critical plans are reviewed and tested and when significant changes are made to business processes, managed sites, or technologies. Plan testing—both scheduled and in response to disruptive events—has successfully demonstrated the effectiveness of the plans and the ability to transfer critical business processes and services to unaffected regions, with little to no impact on customers.
Pandemic and third-party response planning
Among the scenarios addressed in our functional-level business continuity plans are the widespread reduction of critical staff and loss of critical third-party service providers. The business functions responsible for critical business processes are geographically dispersed. Plans exist and are used to shift critical business services to other regions in the event of a regional disaster, including widespread illness. Business functions identify and review critical third parties annually to establish contingency plans in the event that the third party fails.
During the COVID-19 pandemic, we enacted these plans under the cross-organizational coordinated guidance of our corporate critical incident management team in support of business continuity and local site response teams across the globe. We continue to monitor and analyze changes, and we remain committed to supporting associates, customers, and partners.
Critical incident management plans
Red Hat has an established Critical Incident Management program to support the identification, assessment and response actions for information security, facility and business impacting events. The program identifies team roles and responsibilities, formal incident assessment and response processes, as well as effective crisis management team communications using an automated mass-notification system to reach associates worldwide. Each Red Hat managed facility has a Site Emergency Response team to safeguard the health and human safety of associates and guests for incidents impacting Red Hat properties.
Red Hat information security and privacy
At Red Hat, trust is essential to doing business. That’s why we work every day to secure customer data.
- Copyright © 2021 Red Hat Inc. Red Hat, Red Hat Enterprise Linux, the Red Hat logo, and OpenShift are trademarks or registered trademarks of Red Hat Inc. or its subsidiaries in the United States and other countries. Linux is the registered trademark of Linus Torvalds in the U.S. and other countries.
The OpenStack word mark and the Square O Design, together or apart, are trademarks or registered trademarks of OpenStack Foundation in the United States and other countries, and are used with the OpenStack Foundation’s permission. Red Hat Inc. is not affiliated with, endorsed by, or sponsored by the OpenStack Foundation or the OpenStack community.
Updated July 2024
Procurement
Request for proposal (RFP) rapid response
We have a dedicated team to work with our global sales organization and partner ecosystem for any request for proposal responses. Rest assured that each request or project will be managed by a dedicated account person with team support from across Red Hat and, if necessary, IBM. We welcome your questions and requirements.
Contact us
If you need specific data or additional information about Red Hat’s business continuity, compliance, security, or other related areas, email: bcp@redhat.com.
