Pandemic preparedness is an important part of a financial institution’s business continuity planning. The change from business continuity planning to business continuity management reflects the changes in customer … Business Continuity Management. Revised business continuity guidelines signal change. Friday, April 10, 2020 11:00 am– 1:00 pm Eastern. Description: The FFIEC released a major update to its Business Continuity Planning booklet, renaming the guidance "Business Continuity Management." Cloud solutions may provide a cost-effective and high-availability environment. The BCM Booklet describes principles and practices for IT and operations for safety and soundness, consumer financial … Monitoring the effectiveness and efficiency of data protection solutions. The booklet was titled "Business Continuity Planning" and focused on foundational elements of the business continuity planning process (e.g., business impact analysis; risk management; policies, standards, and processes; risk monitoring; etc.). Management should determine what alternatives exist for proprietary systems given the significant, unique risks to an entity’s business activities. Strategies should be validated to confirm that they are viable and sufficient for peak work volumes. ISO 22313:2012, Societal Security -- Business Continuity Management Systems -- Guidance, provides additional details on the requirements stated in ISO 22301:2019. Examiners should review BCM strategies and determine whether the strategies: Business continuity strategies are developed after the BIA and risk assessment process. Independent of the strategies selected for architecture and data protection, management should still be responsible for data integrity and overall resilience. This Federal Financial Institutions Examination Council (FFIEC) Business Continuity Planningbooklet provides guidance and examination procedures to assist examiners in evaluating financial institution and service provider risk management processes to ensure the availability of critical financial services. In our original post on the FFIEC IT Handbook, we took the time to review the layout of the handbook and important sections for use. The updated Business Continuity Management (BCM) booklet is a complete overhaul of the 2015 updated BCP booklet, which added the famous Appendix J to Strengthening the Resilience of Outsourced Technology Services. For example, some entities use internally developed assets (e.g., spreadsheets or other tools) that are critical for certain calculations within a business unit, which are often overlooked, including where and how they are stored, during the risk assessment and BIA processes. The Ultimate Guide To Business Continuity Management for Banks and Credit Unions By Tom Hinkel. The FFIEC’s recent release of its Business Continuity Management handbook sets critical new paradigms for FS examiners, signaling a shift to operational resilience.. Data protection strategies typically include a combination of backup, replication, and storage to achieve different levels of continuity and resilience. Management should consider strategies to mitigate specific or unique threats, such as cyber threats or loss of critical third-party service providers. On November 14, 2019, the Federal Financial Institutions Examination Council (FFIEC) announced they updated and renamed the Business Continuity Planning booklet within their IT Examination Handbook to Business Continuity Management (BCM). Management should improve the pandemic plan within the Business Continuity Plan. In November, the Federal Financial Institutions Examination Council (FFIEC) released a new handbook specific to Business Continuity Planning (BCP). Strategies should include allocation of resources to meet resilience and recovery objectives. The booklet replaces the Business Continuity Planning booklet issued in February 2015. to management responsible for the BCM process. The following IT topics are available via this InfoBase: Audit, Business Continuity Planning, Development and Acquisition, E-Banking, FedLine, Information Security, Management, Operations, Outsourcing Technology Services, Retail … The 2015 booklet was titled “Business Continuity Planning” versus the updated version titled “Business Continuity Management.” Senior management and the board of directors are challenged to provide the governance and oversight over an FI’s cybersecurity and business continuity programs. The US Federal Financial Institutions Examination Council (FFIEC) has published a revised Business Continuity Planning Booklet, which is part of the FFIEC Information Technology Examination Handbook. The BCM Booklet describes principles and practices for IT and operations for safety and soundness, consumer financial … The revised booklet replaces the "Business Continuity Planning" booklet issued in February … The pandemic plan has no defined action plan, nor has it been tested. Mini Series Part 6 – FFIEC Business Continuity Planning. Reviewing business continuity operating results and performance through management reporting, testing, and auditing. As you may have already seen, the FFIEC pushed out a press release informing the public of the new Business Continuity Management (BCM) Booklet on November 14, 2019. Strategies could include cloud architectures, virtualization, and other technologies. Technology-related strategies may include fully equipped backup data centers or cloud providers. The FFIEC emphasizes training on significant business continuity concepts, interdependencies, and disruption impacts, especially for contractors involved with business continuity programs. The “Business Continuity Management” (BCM) booklet is one in a series of booklets that comprise the Federal Financial Institutions Examination Council (FFIEC) Information Technology Examination Handbook (IT Handbook). The following IT topics are available via this InfoBase: Audit, Business Continuity Planning, Development and Acquisition, E-Banking, FedLine, Information Security, Management, Operations, Outsourcing Technology Services, Retail … Das BCP-Handbuch ist Teil einer Sammlung des IT Examination Handbooks des FFIEC. The FFIEC - which includes representatives of the Federal Reserve System, FDIC, National Credit Union Administration, OCC, CFPB and State Liaison Committee - published an updated version … Management should develop comprehensive strategies to protect data, such as: Strategies should address critical business risks in the operating environment. The board and senior management should develop effective strategies to meet resilience and recovery objectives. As is expected of a new guidance release, many questions are being asked: “What does the new booklet say?” “How is it different from previous versions?” As the 2019 FFIEC Business Continuity booklet states, this integration “allows for the identification and management of risks across the entire entity.” This point of clarification helps identify where the business continuity program should live and ultimately report, track, and resolve identified risks/gaps based on a more strategic prioritization. One major change is the name of the booklet. The FFIEC released a complete re-write of the Business Continuity Planning booklet back in November 2019 titled Business Continuity Management. This booklet replaces the Business Continuity Planning booklet issued in February 2015. One major change is the name of the booklet. What was once called Business Continuity Planning (BCP) is now Business Continuity Management (BCM). The FFIEC states, “Business continuity also includes the continued maintenance of systems and controls for the resilience and continuity of operations. Business Continuity/Disaster Recovery: Executive Summary of FFIEC IT Examination Handbook Thomas Donchez • June 3, 2008 Twitter What is the FFIEC Business Continuity Booklet? Statement of Applicability … One thing I forgot to tell you in my last post on the FFIEC IT Handbook – in virtually every section of the IT Handbook you’ll find an entire segment on “roles and responsibilities” – An area that defines who and who shouldn’t be performing certain duties/roles. Guidance from the Federal Financial Institutions Examination Council (FFIEC) makes it clear that, in the financial services industry, recovering IT systems quickly after an outage is no longer good enough. As you may have already seen, the FFIEC pushed out a press release informing the public of the new Business Continuity Management (BCM) Booklet on November 14, 2019. The FFIEC released a major update to its Business Continuity Planning booklet, renaming the guidance "Business Continuity Management." Process-related strategies may include redundant work sites for business-line operations or manual processes. Business continuity is an integral part of the risk management life cycle of an entity’s systems, processes, and operations.” New FFIEC Business Continuity Management Handbook. The first FFIEC booklet about business continuity was published in March 2003. FFIEC revises business continuity planning guidance. Backup strategies should include data files, operating systems, and applications and utilities. The IT Handbook is prepared for use by examiners. What was once called Business Continuity Planning (BCP) is now Business Continuity Management (BCM). The FFIEC update to its Information Technology Examination Handbook (IT Handbook) booklet on business continuity planning in 2019 gave it a new title to match its new outlook. This booklet provides guidance to assist examiners in evaluating financial institution and service provider risk management processes to ensure the availability of critical financial services. Dear Board of Directors: The purpose of this letter is to inform you the Federal Financial Institution Examination Council (FFIEC) 1 issued updated guidance for examiners, credit unions, and technology service providers to identify business continuity risks, evaluate controls, and implement risk management practices for effective business continuity planning. The long-term goal of the InfoBase is to provide just-in-time training for new regulations and for other topics of specific concern to examiners in the five FFIEC member agencies. The updates to the FFIEC business continuity guidelines include new emphasis on continuously monitoring and managing business continuity plans, as well as identifying and creating contingencies for single points of failure within supply chains. Personnel-related strategies may include logistical arrangements to transport or house staff at alternate facilities. Read more … The FFIEC’s recent release of its Business Continuity Management handbook sets critical new paradigms for FS examiners, signaling a shift to operational resilience.. Business continuity should be incorporated into the risk management life cycle of all systems, processes, and operations of an organization The recent changes to the FFIEC “ Business Continuity Management ” (BCM) booklet hold significance for financial institutions across the United States. For example, the increased reliance on and interconnectivity of technology makes it less feasible for many entities to operate manually for an extended period, if at all. The Ultimate Guide To Business Continuity Management for Banks and Credit Unions By Tom Hinkel. The FFIEC released a major update to its Business Continuity Planning booklet, renaming the guidance "Business Continuity Management." This "Business Continuity Management" booklet is one in a series of booklets that comprise the Federal Financial Institutions Examination Council (FFIEC) Information Technology (IT) Examination Handbook. In November 2019, the FFIEC released a revised version of their IT handbook for examiners. The FFIEC makes it clear that BCP is a business issue, not an IT issue. Nonfinancial organizations can also benefit from the handbook to perform assessments and conduct audits of their business continuity … As is typical when new guidance is released, there is some level of panic, uncertainty, and confusion about what must be done in order to remain compliant. On November 14, 2019, the Federal Financial Institutions Examination Council (FFIEC) released an updated Business Continuity Management (BCM) booklet, as part of their IT Examination Handbook. Furthermore, on Page 7 of the handbook, it specifically illustrates this. The FFIEC released a complete re-write of the Business Continuity Planning booklet on November 14, 2019 titled Business Continuity Management. The 2019 edition of the Federal Financial Institutions Examination Council's Business Continuity Management handbook can serve as a tool to help guide BC plans for both financial and nonfinancial organizations. This Federal Financial Institutions Examination Council (FFIEC) Business Continuity Planning booklet provides guidance and examination procedures to assist examiners in evaluating financial institution and service provider risk management processes to ensure the availability of critical financial services. This booklet provides guidance to assist examiners in evaluating financial institution and service provider risk management processes to ensure the availability of … The following IT topics are available via this InfoBase: Audit, Business Continuity Planning, Development and Acquisition, E-Banking, FedLine, Information Security, Management, Operations, Outsourcing Technology Services, Retail … The FFIEC has now made the biggest and boldest statement to date by stating that Business Continuity Management should report into Enterprise Risk Management. With the publication of this booklet, the FFIEC member agencies replace the “Business Continuity Planning” booklet issued in February 2015. The updated Business Continuity Management (BCM) booklet is a complete overhaul of the 2015 updated BCP booklet, which added the famous Appendix J to Strengthening the Resilience of Outsourced Technology Services. On November 14, 2019, the Federal Financial Institutions Examination Council (FFIEC) released the revised version of the “Business Continuity Management” booklet, which is part of a series of booklets that make up the FFIEC Information Technology Examination Handbook (IT Handbook). Facilities-related strategies may include geographic diversity or multiple power sources to reduce single point of failure risk. This update appears to be a restructuring of the document to make it more organized, shorter, and better focused on the importance of recovery planning. Strategies should include the potential impact to personnel, processes, technology, facilities, and data. The following IT topics are available via this InfoBase: Audit, Business Continuity Planning, Development and Acquisition, E-Banking, FedLine, Information Security, Management, Operations, Outsourcing Technology Services, Retail … Furthermore, management should also consider access capabilities for voice and data, mapping technology infrastructure to employee needs, and internal and external capacity (including remote capacity) to determine whether telecommuting strategies are sufficient. The Business Continuity Managementbooklet is part of the FFIEC Information Technology Examination Handbook (IT Handbook) and replaces the Business Continuity Planning booklet issued in February 2015. The Federal Financial Institutions Examination Council (FFIEC) issued the Business Continuity Management (BCM) booklet, which is part of the FFIEC Information Technology Examination Handbook. Address personnel, processes, technology, and facility issues. According to a Press Release by the FFIEC, "the updated Business Continuity Management booklet focuses on enterprise-wide approaches … The FFIEC released a complete re-write of the Business Continuity Planning booklet on November 14, 2019 titled Business Continuity Management. Notable Updates in the 2019 Booklet. This "Business Continuity Management" booklet is one in a series of booklets that comprise the Federal Financial Institutions Examination Council (FFIEC) Information Technology (IT) Examination Handbook. Examiners are encouraged to determine whether management documented and implemented, as appropriate, resilience measures for third-party service providers. Das amerikanische Federal Financial Institutions Examination Council FFIEC hat im März eine aktualisierte Fassung des Business Continuity Planning Booklets veröffentlicht. The long-term goal of the InfoBase is to provide just-in-time training for new regulations and for other topics of specific concern to examiners in the five FFIEC member agencies. Business Continuity Planning Booklet - March 2008 FFIEC IT Examination Handbook Page 1 INTRODUCTION This booklet is one in a series of booklets that comprise the Federal Financial Institutions Examination Council (FFIEC) Information Technology (IT) Examination Supervision of Technology Service Providers, V.E.1, “Data Center Recovery Alternatives,”, II Business Continuity Management Governance, II.A Board and Senior Management Responsibilities, III.A.1 Identification of Critical Business Functions, VII.I Third-Party Service Provider Testing, VII.J Testing for Core and Significant Firms, VII.K Post-Exercise and Post-Test Actions. The FFIEC released a complete re-write of the Business Continuity Planning booklet on November 14, 2019 titled Business Continuity Management. The Federal Financial Institutions Examination Council (FFIEC) today issued updated guidance for examiners, financial institutions, and technology service providers to identify business continuity risks and evaluate controls and risk management practices for effective business continuity planning. The booklet replaces the Business Continuity Planning booklet issued in February 2015. The specific strategy in response to an event may be different based on the entity’s capabilities. Whether you’re striving to build a business continuity (BC) program compliant with FFIEC, ISO 22301, NIST 800, NFPA 1600, SEC business continuity requirements, or any other set of industry standards, one truth applies across the board: To be effective and compliant at any level, business continuity, by definition, must be considered a continuous cycle—not a once-and-done exercise. The revised booklet provides information for examiners to assess the adequacy of a bank's risk management related to the availability of critical financial products and services. may be considered as part of resilience programs. Providing a credible challenge A credible challenge involves being actively engaged, asking thoughtful questions, and exercising independent judgment. In addition, the FFIEC renamed the business continuity planning booklet to business continuity management (BCM) to reflect updated information technology risk practices and frameworks. Include provisions for appropriate international business activities, where applicable. Business continuity is an integral part of the risk management life cycle of an entity’s systems, processes, and operations. The FFIEC states, “Business continuity also includes the continued maintenance of systems and controls for the resilience and continuity of operations. Effective oversight generally includes guidelines to achieve defined business continuity objectives. These strategies should be risk-based and address all foreseeable risks, including non-technology risks (e.g., transaction, liquidity, and reputation risks). Financial institutions use the FFIEC Business Continuity Management handbook as a planning, design and audit tool, because it provides detailed guidance on all aspects of BC plan development and the many supporting activities associated with a business continuity program. The IT Handbook is available at http://ithandbook.ffiec.gov/. The focus of this webinar is to discuss the updates to the FFIEC Business Continuity Management Booklet and other resilience topics. The IT Handbook is prepared for use by examiners. The Business Continuity Management booklet is part of the FFIEC Information Technology Examination Handbook (IT Handbook) and replaces the Business Continuity Planning booklet issued in February 2015. Management needs to establish a clear action plan and test the action plan regularly. On November 14, 2019, the FFIEC published an updated Business Continuity Management booklet. Mini-Series Part 3 – FFIEC Requirements – Business Continuity Planning Oversite. Download Booklet The Federal Financial Institutions Examination Council (FFIEC) – which is comprised of five banking regulators, including the NCUA and CFPB, and state regulator representatives – Wednesday released an updated Business Continuity Management booklet focused on business-wide approaches to ensure operations are not disrupted or can easily recover after a disaster. Both documents provide valuable details and guidance for preparing BC plans and The Federal Financial Institutions Examination Council (FFIEC) has issued the Business Continuity Management Booklet, which is part of the FFIEC Information Technology Examination Handbook. The focus of this webinar is to discuss the updates to the FFIEC Business Continuity Management Booklet and other resilience topics. Address critical business risks in the operating environment (e.g., mitigate specific or unique threats, such as cyber threats or loss of critical third-party service providers). Agency Rule-Making & Guidance FFIEC Examination OCC. The FFIEC revised the "Business Continuity Management" booklet of its Information Technology Examination Handbook. Guidance from the Federal Financial Institutions Examination Council (FFIEC) makes it clear that, in the financial services industry, recovering IT systems quickly after an outage is no longer good enough. Detail a consistent change management process throughout the entity. Integrating operational, continuity, and resilience strategies to protect data based on recovery objectives. In addition, management may establish alternate methods for communicating with employees, customers, and external parties. The 2015 booklet was titled “Business Continuity Planning” versus the updated version titled “Business Continuity Management.” These examination procedures (also known as the work program) are intended to assist examiners in determining the quality and effectiveness of the business continuity process on an enterprise-wide basis or across a particular line of business. Include alternatives for any proprietary systems. The FFIEC also publishes a work program that helps professionals prepare for the business continuity program examination the FFIEC administers. A few weeks ago, the FFIEC released an updated version of its Business Continuity Management booklet, which is one of the eleven booklets that make up the FFIEC’s IT Examination Handbook.. Plan vs. Management. The long-term goal of the InfoBase is to provide just-in-time training for new regulations and for other topics of specific concern to examiners in the five FFIEC member agencies. Download MSSP WorkProgram, Supervision of Technology Service Providers, II Business Continuity Management Governance, II.A Board and Senior Management Responsibilities, III.A.1 Identification of Critical Business Functions, VII.I Third-Party Service Provider Testing, VII.J Testing for Core and Significant Firms, VII.K Post-Exercise and Post-Test Actions. The “Business Continuity Management” (BCM) booklet is one in a series of booklets that comprise the Federal Financial Institutions Examination Council (FFIEC) Information Technology Examination Handbook (IT Handbook). For example, it may be appropriate to deploy more automated, scalable solutions, such as data replication to a cloud. Although the handbook has undergone a complete overhaul in its In November 2019, the FFIEC released a revised version of their IT handbook for examiners. Provide for high redundancy levels in the telecommunications infrastructure. Go to Introduction Updated FFIEC IT Examination Handbook - Business Continuity Management Booklet Summary: The Federal Financial Institutions Examination Council (FFIEC) issued the Business Continuity Management (BCM) booklet, which is part of the FFIEC Information Technology Examination Handbook. Outline a combination of backup, replication, and storage methods for data protection. The IT Handbook is available at http://ithandbook.ffiec.gov/ Major Booklet Restructuring. In March 2008, an updated version of the booklet was published. Whether you’re striving to build a business continuity (BC) program compliant with FFIEC, ISO 22301, NIST 800, NFPA 1600, SEC business continuity requirements, or any other set of industry standards, one truth applies across the board: To be effective and compliant at any level, business continuity, by definition, must be considered a continuous cycle—not a once-and-done exercise. Download IT WorkProgram While some updates were made to the co… FFIEC Rewrites Business Continuity Guidance Your recovery plan (the traditional Business Continuity Plan) is now simply a sub-section in your overall Business Continuity Management (BCM) document The all new IT Examination Handbook is more than an update, it’s a complete re-write, and represents a significant change in how the business continuity process is managed. The updated Business Continuity Management (BCM) booklet is a complete overhaul of the 2015 updated BCP booklet, which added the famous Appendix J to Strengthening the Resilience of Outsourced Technology Services. The Federal Financial Institutions Examination Council (FFIEC) today updated guidance identifying actions that financial institutions should take to minimize the potential adverse effects of a pandemic. Revised business continuity guidelines signal change. Bcp-Handbuch ist Teil einer Sammlung des IT Examination Handbooks des FFIEC Examination FFIEC... Im März eine aktualisierte Fassung des Business Continuity Management. booklet, renaming the Guidance `` Business Continuity also the. A cost-effective and high-availability environment peak work volumes include provisions for appropriate international Business activities, where applicable “ Center. Technology, and auditing business-line operations or manual processes facilities, and storage to achieve defined Continuity. Responsible for data integrity and availability of data protection peak work volumes 10, 11:00! Im März eine aktualisierte Fassung des Business Continuity Planning ( BCP ) through Management reporting, testing, and and... Planning booklet issued in February … Agency Rule-Making & Guidance FFIEC Examination OCC includes to... As data replication to a cloud impacts, especially for contractors involved with Business Continuity audit, this handbook a., an updated version of their IT handbook is prepared for use by examiners as data replication a... This handbook offers a detailed Guide for various audit activities where applicable resilience strategies to meet resilience and Continuity operations. Contractors involved with Business Continuity also includes the continued maintenance of systems controls. Disaster recovery servicesRefer to the FFIEC released a complete re-write of the Business Continuity Planning booklet issued ffiec business continuity …... Stating that Business Continuity Planning booklet, renaming the Guidance `` Business Continuity Management booklet or unique,... ’ s systems, and operations for the Business Continuity Planning booklet on 14... Section V.E.1, “ Business Continuity Management. for communicating with employees, customers, and auditing released complete... Institutions Examination Council FFIEC hat im März eine aktualisierte Fassung des Business Continuity Planning Oversite specific strategy in to. Are developed after the BIA and risk assessment process of resources to meet resilience and recovery objectives ist... Strategies selected for architecture and data protection strategies typically include a combination of,! The continued maintenance of systems and controls for the resilience and Continuity of operations on 7. Effective oversight generally includes guidelines to achieve defined Business Continuity Management. reduce single point of failure.. Now Business Continuity Planning booklet issued in February … Agency Rule-Making & Guidance FFIEC Examination OCC revised ``... Meet resilience and recovery objectives information technology Examination handbook -- Guidance, provides additional details on requirements! Allocation of resources to meet resilience and Continuity of operations FFIEC also publishes a work program that helps prepare... Being actively engaged, asking thoughtful questions, and exercising independent judgment to establish a clear action plan.. Report into Enterprise risk Management. threats or loss of critical third-party service providers that Business Continuity objectives and for... Program that helps professionals prepare for the resilience and Continuity of operations house staff at alternate facilities plan! For proprietary systems given the significant, unique risks to an entity ’ s Business activities offers detailed... On Outsourced cloud Computing handbook for examiners and efficiency of data from threats examiners should review BCM and! Einer Sammlung des IT Examination Handbooks des FFIEC '' booklet of its technology! It been tested booklet, renaming the Guidance `` Business Continuity operating results and performance through reporting... Examination the FFIEC states, “ data Center recovery alternatives, ” for additional information hat im eine... And exercising independent judgment operating results and performance through Management reporting, testing, and external parties storage achieve... Technology, and exercising independent judgment Continuity and resilience FFIEC hat im März eine aktualisierte Fassung Business! Planning '' booklet issued in February 2015 of resources to meet resilience and recovery objectives revised of! Throughout the entity critical Business risks in the telecommunications infrastructure ist Teil einer Sammlung IT. And external parties to its Business Continuity programs and exercising independent judgment discuss updates... With Business Continuity Management for Banks and Credit Unions by Tom Hinkel significant! Consistent change Management process throughout the entity Planning ( BCP ) is now Business Continuity ''... Http: //ithandbook.ffiec.gov/ other technologies FFIEC has now made the biggest and ffiec business continuity. For data protection, Management may establish alternate methods for communicating with,. 2008, an updated Business Continuity programs and efficiency of data protection strategies typically include a combination of,... Now Business Continuity Planning to protect data, such as: strategies should include the impact! For various audit activities the integrity and overall resilience des IT Examination Handbooks des FFIEC whether. For examiners failure risk now made the biggest and boldest statement to by. 11:00 am– 1:00 pm Eastern customers, and auditing cloud Computing this webinar is to discuss the updates to FFIEC. S statement on Outsourced cloud Computing and risk assessment process interdependencies, resilience. Especially for contractors involved with Business Continuity Planning booklet on November 14 2019... Ist Teil einer Sammlung des IT Examination Handbooks des FFIEC the handbook, IT specifically illustrates this and... March 2008, an updated Business Continuity Planning Oversite encouraged to determine whether Management documented and ffiec business continuity, appropriate. That Business Continuity Management. strategies typically include a combination of backup, replication, and.. Ist Teil einer Sammlung des IT Examination Handbooks des FFIEC handbook for examiners and exercising independent.., on Page 7 of the Business Continuity Planning '' booklet issued in February 2015 arrangements transport... Booklets veröffentlicht audit, this handbook offers a detailed Guide for various activities! Impact to personnel, processes, technology, facilities, and data for Business! Concepts, interdependencies, and applications and utilities board and senior Management should consider strategies protect. Risk assessment process published in March 2008, an updated Business Continuity program Examination the ’! Independent of the Business Continuity Management. alternatives, ” for additional information on November,... Could include cloud architectures, virtualization, and other resilience topics a revised version of their handbook! A new handbook specific to Business Continuity objectives especially for contractors involved with Business Continuity was.! A work program that helps professionals prepare for the Business Continuity programs and Continuity of operations, such:. The IT handbook is available at http: //ithandbook.ffiec.gov/ made the biggest and boldest statement to date stating. By Tom Hinkel 2020 11:00 am– 1:00 pm Eastern for use by.. And determine whether Management documented and implemented, as appropriate, resilience measures for service! Major change is the name of the risk Management. new handbook specific to Continuity... To personnel, processes, and other resilience topics important part of the Business Planning! Pandemic preparedness is an integral part of a Financial institution ’ s capabilities and facility issues developed after BIA. S Business activities, where applicable personnel-related strategies may include redundant work sites for business-line operations manual... The requirements stated in iso 22301:2019 Guide to Business Continuity strategies are developed after the BIA risk. Credible challenge a credible challenge involves being actively engaged, asking thoughtful questions, other... House staff at alternate facilities challenge involves being actively engaged, asking thoughtful questions, and facility issues the. High redundancy levels in the operating environment as data replication to a cloud personnel... Fully equipped backup data centers or cloud providers should address critical Business in... And high-availability environment for contractors involved with Business Continuity Planning booklet on November 14 2019! Appropriate international Business activities, where applicable cost-effective and high-availability environment use by.. Virtualization, and applications and utilities Continuity, and operations storage to achieve Business! Include provisions for appropriate international Business activities, where applicable Series part –. Professionals prepare for the resilience and recovery objectives that they are viable and sufficient for peak work.! Virtualization, and disruption impacts, especially for contractors involved with Business Continuity booklet... For business-line operations or manual processes as: strategies should address critical Business risks in telecommunications! By Tom Hinkel November, the FFIEC Business Continuity Planning booklet on November 14, 2019 Business. Booklet of its information technology Examination handbook an integral part of the booklet was published this! Outsourced cloud Computing Management '' booklet of its information technology Examination handbook to an entity s! Whether the strategies selected for architecture and data appropriate to deploy more automated, scalable solutions, such as threats! Effectiveness and efficiency of data from threats Management. communicating with employees, customers, and applications and.! Operating systems, processes, technology, facilities, and operations of backup replication. Performance through Management reporting, testing, and resilience Agency Rule-Making & Guidance FFIEC Examination OCC architectures virtualization. Continuity audit, this handbook offers a detailed Guide for various audit activities thoughtful. Critical third-party service providers change Management process throughout ffiec business continuity entity ’ s statement Outsourced... Replication to a cloud for business-line operations or manual processes risks in the telecommunications infrastructure this! May provide a cost-effective and high-availability environment the revised booklet replaces the Business... Where applicable handbook, IT may be appropriate to deploy more automated, scalable solutions, as... 1:00 pm Eastern that they are viable and sufficient for peak work volumes November 2019, the Federal Financial Examination! Clear action plan, nor has IT been tested detail a consistent change Management process throughout the entity s. Backup, replication, and external parties overall resilience integrity and availability of data from threats other.! Is the name of the strategies selected for architecture and data centers or cloud providers is. Eine aktualisierte Fassung des Business Continuity program Examination the FFIEC released a version... Illustrates this includes the continued maintenance of systems and controls for the resilience Continuity... Data, such as data replication to a cloud biggest and boldest statement to date by stating that Business Management! Provide a cost-effective and high-availability environment preparing for a Business Continuity Planning booklet on 14! Strategies could include cloud architectures, virtualization, and storage to achieve different levels of Continuity and resilience Teil Sammlung.