Business Continuity Plan for Bank - PowerPoint

Description

Business Continuity Plan for Bank document sample

Shared by: oyp15723

Tags

business continuity plan, business disruption, business continuity, Business continuity planning, business disruptions, business district, business operations, How to, disaster recovery, the Business

Stats

views:: 56
posted:: 1/10/2011
language:: English
pages:: 9

Public Domain

Document Sample

							 CRITICAL INFRASTRUCTURE
 BANKING/FINANCE SECTOR
  Mike Stamper, Bank Analyst
Tracy Bergmann, Bank Examiner
CRITICAL INFRASTRUCTURE
 National   Infrastructure Protection Plan
       Business Continuity Plan
 Examiner    Expectations
     Each institution should have a Business
      Continuity Program (BCP).
     Programs will vary based on the organizations
      size, complexity, and risk profile.
       Business Continuity Plan
 Aneffective Business Continuity Plan
 (BCP) will include four elements:
     Plan/Policy
     Training
     Testing
     Auditing
         Business Continuity Plan
   Plan/Policy – should address the following at a
    minimum:
       Define clear lines of authority.
       Board and senior management oversight.
       Identify various threats presenting risk to the
        institution (e.g. - fire, flood, robbery, power disruption)
        along with reactionary procedures.
       Contact information for critical vendors, emergency
        personnel, regulators, and employees.
       Include a supply list.
       Back-up and restoration of critical systems.
       Testing, training, and auditing considerations.
       Business Continuity Plan
 Training
     Should be performed on at least an annual
      basis to ensure employees know how to
      respond in the event of a threat occurring.
     Include all levels of staff.
     A current copy of the plan should be readily
      available to all employees.
     Members of senior management should
      maintain a copy of the plan offsite.
         Business Continuity Plan
   Testing
       Should be performed on at least an annual basis to
        measure the overall effectiveness of the plan.
         • This includes the testing of the backup tapes.
       Testing methods will range from table top discussions
        to walking through mock disaster situations.
       Management should also document any real life
        events that test the implementation and adequacy of
        the plan.
         • Lessons learned should be incorporated into the plan.
         Business Continuity Plan
   Auditing should address the following:
       Assess the adequacy and accuracy of the information
        contained within the plan and attachments.
       Verify employees have access to the plan.
       Training has occurred and covers all departments and
        facets of the operation.
       Annual testing has been done and documented.
       Verify contracts have been established for backup
        arrangements.
       Ensure that the Board of Directors have
        reviewed/approved the plan, testing, training, and has
        been documented in the minutes.
       Business Continuity Plan
 Reference      Material
     FFIEC Business Continuity Planning (BCP) IT
      Examination Handbook – March 2008
       • www.ffiec.gov