← All policies DAIS-POL-002 Governance, Compliance & Operations

Provider Contingency

DAIS-POL-002
Provider Contingency and Adverse Effects Policy
Data and AI School of London, NCFE Approved Centre

Policy Owner: Head of Centre
Version: 1.0 | Date: April 2026 | Review: April 2027
NCFE Risk Level: High
Mode of Delivery: Fully Online

2.1 Purpose and Scope

This policy sets out the Data and AI School of London's plans for maintaining continuity of qualification delivery and protecting learner interests in the event of an adverse situation. As the school operates entirely online, particular attention is given to technology failures, cybersecurity incidents, and platform unavailability.

2.2 Identified Adverse Scenarios

Organisational Risks

Technology and Digital Risks

External Risks

2.3 Contingency Procedures

VLE or Platform Outage

1. The IT/Platform Lead is notified immediately and escalates to the platform provider's support team.

2. Learners are notified via the school's emergency email contact list within 4 hours of the outage being confirmed.

3. Learning materials are made available via a backup cloud storage location communicated to learners at induction.

4. Any scheduled live sessions will be rearranged and learners notified by email.

5. If the outage extends beyond 5 working days, the Head of Centre will notify NCFE.

Cybersecurity Incident

1. The IT/Platform Lead isolates affected systems immediately.

2. The Head of Centre is notified within 1 hour.

3. If personal data has been compromised, the DPO initiates the ICO notification process within 72 hours.

4. Learners and NCFE are notified as appropriate and advised of any impact on their records.

5. The incident is logged and reviewed as part of the annual security audit.

Loss of NCFE Approval

1. The Head of Centre notifies all learners within 5 working days.

2. The centre works with NCFE to identify a suitable alternative approved centre.

3. Learner records and assessment portfolios are transferred securely to the alternative centre.

4. The centre will not accept new learner registrations from the date of withdrawal.

5. All learner data is retained in accordance with Policy 6.

2.4 Data Backup and Recovery

All learner records, assessment evidence, and IQA documentation are stored in cloud-based systems with automated daily backups to a secondary cloud location. The IT/Platform Lead tests backup integrity at least once per term. Recovery procedures are documented in the IT Security and Backup Procedure document.

2.5 Emergency Communication

The Compliance Manager maintains an emergency contact list of all currently enrolled learners' email addresses, held outside the VLE. This list is updated at every enrolment and withdrawal and is used solely for emergency communications when the VLE is inaccessible.

This policy is reviewed annually. Next review: April 2027. Approved by: Head of Centre. © Data and AI School of London, April 2026. NCFE Approved Centre.