1 / 22

Banks Name

Banks Name. Business Continuity Plan Training. General Information. What is a Business Continuity Plan? Business Continuity Plan (BCP) A plan created to restore critical functions after a disaster A plan that allows the institution to recover from a variety of disaster

mfuller
Download Presentation

Banks Name

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Banks Name Business Continuity Plan Training

  2. General Information • What is a Business Continuity Plan? • Business Continuity Plan (BCP) • A plan created to restore critical functions after a disaster • A plan that allows the institution to recover from a variety of disaster • A plan that outlines all the critical functions of an institution

  3. General Information • Clarification of the term • BCP is referred to as a • Business Continuity Plan • Business Continuation Plan • Disaster Recovery Plan • The plans purpose is to allow recovery from a variety of disasters; both BIG and small

  4. General Information • Stages of Plan Development • Threat Analysis • Risk Assessment • Business Impact Analysis • Critical Business Processes • Team Plans • Training • Testing

  5. Plan Development • Threat Analysis • Categorize threats by natural, man-made, political, and technological threats. • What are the internal and external threats that each location of the institution faces? • What controls are in place to mitigate these threats? • Are there areas where we can improve or mitigate the threat further?

  6. Plan Development • Risk Assessment • Identify all institution assets • Hardware • Software • Business Processes; New Accounts, Lending, Operations, etc • Identify vendors related to assets • Determine controls in place to recover asset • Identify resources required to recover assets

  7. Plan Development • Risk Assessment • Determine RPO (Recovery Point Objective) • The point in time that the data needs to be recovered from; i.e. EOD, EOM, Last Transmission, etc. • Determine RTO (Recovery Time Objective) • The length of time that the asset needs to be recovered; i.e. 4 hours, 24 hours, 48 hours, etc. • Risk Rating • Determine a risk rating for each asset; i.e. Low, Medium, High

  8. Plan Development • Business Impact Analysis • Determine the financial impact of non-recovery of assets or department functions • Determine the impact of non-recovery of assets on: • Reputation • Operating Efficiency • Customer Service • Legal Requirements • Fraud • Unmanageable Backlogs

  9. Plan Development • Critical Business Processes • Based on Threat Analysis, Risk Assessment, and Business Impact Analysis a list of critical business processes was developed • This list is used as a “roadmap” for the institution’s recovery process

  10. Plan Development • Team Plans • Team plans were created to recover as efficiently as possible • Teams are: • Crisis Management • Administrative • Operations • Facilities • Information Technology • Lending • Retail Banking

  11. Plan Development • Training • All employees will receive training on: • Overall BCP recovery efforts • Emergency procedures • Overall training will be done annually • New employees will receive initial training

  12. Plan Development • Testing • A BCP is not possible without testing • Testing proves recovery strategies • Failed tests are not a failure of the plan, but rather and opportunity to improve the plan and recovery process • Testing is done annually on critical business processes

  13. Plan Structure • Team Plan Breakdown • Crisis Management Team – Responsibilities • Safety and care of staff and/or customers • Evacuation • Assess damage • Coordinate recovery process • Activate BCP

  14. Plan Structure • Team Plan Breakdown • Administrative Recovery Team – Responsibilities • Executive notification • Handling media • Notification of insurance, attorneys, landlord • Manage information release to customers • Purchasing • Human Resources • Accounts payable and receivable

  15. Plan Structure • Team Plan Breakdown • Operations Recovery Team – Responsibilities • Restore bank operations • Wire transfers • Electronic banking • ACH • Website • Remote deposit • Data processing

  16. Plan Structure • Team Plan Breakdown • Facilities Recovery Team – Responsibilities • Securing facility and assets • Assessing damage • Preserving/restoring paper documents • Working with contractors for reconstruction • Managing facility construction

  17. Plan Structure • Team Plan Breakdown • Information Technology Recovery Team – Responsibilities • Assess damage • Recover data • Recover systems • Establish communications and connectivity • Rebuild network infrastructure

  18. Plan Structure • Team Plan Breakdown • Lending Recovery Team – Responsibilities • Assess damage • Service customer base • Communicate with key customers • Assist in recovery of lending operations

  19. Plan Structure • Team Plan Breakdown • Retail Banking Recovery Team – Responsibilities • Assess damage • Service customer base • Communicate with key customers • Assist in recovery of retail banking operations • Assist in recovery of teller operations

  20. Employee Assignment • All employees part of recovery • Each team has members that will develop plans • Not every employee is assigned to a team • If you are not assigned to a team you will be notified of where you are needed at the time of the disaster • Every employee is a vital part of the recovery

  21. Plan Maintenance • Business Continuity Plans are NEVER done! • BCP’s are living documents that require constant attention and updating • Team Leaders will work to keep team plans up to date • Annual testing will help identify plan deficiencies • Annual updates will help keep the plan information up to date • Employee contact information • Recovery strategies • Vendor information

  22. Questions ?

More Related