The Federal Financial Institutions Examination Council (FFIEC) has issued updated guidance for examiners, financial institutions, and technology service providers to identify business continuity risks and evaluate controls and risk management practices for effective business continuity planning. The guidance is an update to the ‘Business Continuity Planning Booklet,’ which was issued in March 2003.

The revised booklet includes enhancements to the business impact analysis and testing discussions and addresses emerging threats and lessons learned in recent years. The booklet also stresses the responsibilities of each institution’s board and management to address business continuity planning with an enterprise-wide perspective by considering technology, business operations, communications, and testing strategies for the entire institution.

Key elements of the FFIEC’s December 2007 Interagency Statement on Pandemic Planning have been added to the booklet. The methodologies detailed in the booklet provide a framework for financial institutions to develop or update their pandemic preparedness plans.

Other changes in the booklet highlight the importance of business continuity planning for all financial institutions, regardless of whether their systems are provided in-house or through third-party service providers, as well as the lessons learned from financial institutions that suffered damage from hurricanes Katrina and Rita.

Various formats of the Business Continuity Planning Booklet and other IT Examination Handbook booklets are available at http://www.ffiec.gov/ffiecinfobase/html_pages/it_01.html or a PDF version can be downloaded directly from here.

•Date: 20th March 2008• Region: US •Type: Article •Topic: Financial sector BC
Rate this article or make a comment - click here