Business Continuity/Disaster Recovery Wrap-Up
Pandemic Preparation Dominates the Headlines Timing is everything, and March was the perfect time to focus on business continuity and disaster recovery.On the heels of our State of Information Security survey , which showcased your main areas of concern (namely, pandemic preparation), March saw the release of important new guidance: the Federal Financial Institutions Examination Council (FFIEC) update on business continuity/disaster recovery.
And, no surprise, the new guidance showcases ... pandemic preparation.
In a lot of ways, pandemic preparation dominated the headlines in March. Not only did the FFIEC issue its new guidance, but we also took the occasion to dive into the strengths and weaknesses of financial institutions' current strategies. Among the highlights:
The Coming Pandemic: How Prepared Are We? Expert Says Financial Institutions Still Have a Lot of Work to Do
Business Continuity Trends: Programs and Pandemics Interview With Gartner's Roberta Witty
Pandemic Progress Report - How Do You Rate? Institutions are All Over the Map When it Comes to Preparing for Disaster
While on the topic, I also need to point out a valuable - and timely - new webinar that we're just developing:
Pandemic Planning & Response Techniques
But beyond pandemics, we also took the opportunity to focus on some of the more traditional threats and mitigations, including those related to natural and man-made disasters. Among my favorite articles of the month (and yours, too, judging by the site traffic):
Disaster Recovery Case Study: Surviving Rita Louisiana Credit Union Relocated, Rebuilt After Devastating Hurricane
Disaster Recovery: TN Bank Rebuilds from Tornado Emergency Preparedness, Customer Communications Key to Surviving Storms
What Will Be the Next Big Disaster? Interview with Charles Perrow, author of "The Next Catastrophe"
Reviewing the month, the message is clear: Business continuity/disaster recovery planning is just an essential part of risk management, and now is the time to strengthen your institution's capabilities for documenting, communicating and testing your plans.
Given what we know, institutions are in good shape for natural and man-made disasters. But a pandemic disaster? It's the great unknown, which is why federal regulators are turning up the heat on institutions to ensure they've accounted for emergency measures with employees, customers and key vendors.
And not to be lost, two other key areas of focus in the new FFIEC guidance: business impact analysis of potential disasters, and enterprise-wide testing of business continuity/disaster recovery plans. These items don't come with specific deadlines for compliance, but you can be sure your next examiner will be discussing them.
Interestingly, one of the biggest disasters of the month - of the year - also provides a springboard for next month's editorial calendar topic. The scandal that brought down New York Gov. Eliot Spitzer revolved around financial transactions that ran afoul of federal anti-money laundering (AML) legislation. We'll be focusing on AML throughout April - we've got several new articles and a webinar planned. So, if you enjoyed the preliminary discussion of structuring and suspicious activity reporting, then stick around for the main event. It looks to be a lively month!