BCP handbook - Federal Financial Institutions Examination...

MARCH 2003 Federal Financial Institutions Examination Council FFIEC IT EXAMINATION HANDBOOK BCP Business Continuity Planning MARCH 2008
Business Continuity Planning Booklet - March 2008

TABLE OF CONTENTS

INTRODUCTION
BOARD AND SENIOR MANAGEMENT RESPONSIBILITIES
BUSINESS CONTINUITY PLANNING PROCESS
BUSINESS IMPACT ANALYSIS
RISK ASSESSMENT
RISK MANAGEMENT
    Business Continuity Plan Development
        Assumptions
        Internal and External Components
        Mitigation Strategies
RISK MONITORING AND TESTING
    Principles of the Business Continuity Testing Program
        Roles and Responsibilities
        Testing Policy
        Execution, Evaluation, Independent Assessment, and Reporting of Test Results
        Updating Business Continuity Plan and Test Program
OTHER POLICIES, STANDARDS AND PROCESSES
    Security Standards
    Project Management
    Change Control Policies
    Data Synchronization Procedures
    Crisis Management
    Incident Response
    Remote Access
    Employee Training
    Notification Standards
    Insurance
    Government and Community
SUMMARY
APPENDIX A: EXAMINATION PROCEDURES
APPENDIX B: GLOSSARY
APPENDIX C: INTERNAL AND EXTERNAL THREATS
APPENDIX D: PANDEMIC PLANNING
APPENDIX E: INTERDEPENDENCIES
APPENDIX F: BUSINESS IMPACT ANALYSIS PROCESS
APPENDIX G: BUSINESS CONTINUITY PLAN COMPONENTS
APPENDIX H: TESTING PROGRAM - GOVERNANCE AND ATTRIBUTES
APPENDIX I: LAWS, REGULATIONS, AND GUIDANCE
INTRODUCTION

This booklet is one in a series of booklets that comprise the Federal Financial Institutions Examination Council (FFIEC) Information Technology (IT) Examination Handbook. This booklet provides guidance to assist examiners in evaluating financial institution and service provider risk management processes to ensure the availability of critical financial services. This booklet was also designed to provide helpful guidance to financial institutions regarding the implementation of their business continuity planning processes.

This booklet rescinds and replaces the previous “Business Continuity Planning Booklet,” which was issued in March 2003, and has been revised to reflect technological and regulatory changes with a focus on management’s responsibilities regarding oversight of the continuity planning process for business operations. While significant revisions have been made, the focus of this booklet continues to be based on an enterprise-wide, process-oriented approach that considers technology, business operations, testing, and communication strategies that are critical to business continuity planning for the entire business, instead of just the information technology department.

This note was uploaded on 11/19/2009 for the course NCKU Informatio taught by Professor Hero during the Spring '09 term at Accreditation Commission for Acupuncture and Oriental Medicine.
