The global financial system is a set of interlinked networks of markets, systems, and participants. While financial institutions (“institutions”) acknowledge the need to strengthen their resilience against disruptions, they also recognise that the network is only as strong as its weakest link and the potential impact of a major operational disruption may incapacitate the financial system.
The quick recovery of business functions after disruption is therefore crucial in maintaining confidence in institutions. Failing which, institutions may compromise its business obligations, which may result in significant financial losses and potentially lead to a contagion effect on the financial system. Insurance coverage may compensate certain quantifiable losses but would not protect institutions against the erosion of brand value or the loss of customers’ confidence.
Business Continuity Management (“BCM”) is an over-arching framework that aims to minimise the impact to businesses due to operational disruptions. It not only addresses the restoration of information technology (“IT”)infrastructure, but also focuses on the rapid recovery and resumption of critical business functions for the fulfilment of business obligations. One important tangible evidence that the institutions have embraced BCM is the formulation of a business continuity plan (“BCP”).
Increasingly, globalisation and technological advancements are constantly testing the boundaries of implementing an effective BCM. A key challenge for institutions is to establish and maintain a comprehensive BCM that is cost effective without a compromise of prudent risk management policies and fulfil its business obligations during a disruption. This is a continuous process. As changes in technology, business focus, and staff affect the state of preparedness, increasingly, institutions recognise the need to incorporate BCM as an ongoing discipline into its business-as-usual operations and thereby improve its readiness to respond to and recover from crises.
CONTENTS
1.0 INTRODUCTION
- 1.1 READINESS IS YOUR ONLY PROTECTION
1.2 APPLICATION OF THE GUIDELINES
1.3 GLOSSARY
2.0 BUSINESS CONTINUITY MANAGEMENT PRINCIPLES
- 2.1 PRINCIPLE
1: BOARD OF DIRECTORS AND SENIOR MANAGEMENT SHOULD BE RESPONSIBLE FOR THEIR INSTITUTION’S BUSINESS CONTINUITY MANAGEMENT
2.2 PRINCIPLE
2: INSTITUTIONS SHOULD EMBED BUSINESS CONTINUITY MANAGEMENT INTO THEIR BUSINESS
AS-USUAL OPERATIONS , INCORPORATING SOUND PRACTICES
2.3 PRINCIPLE
3: INSTITUTIONS SHOULD TEST THEIR BUSINESS CONTINUITY PLAN REGULARLY , COMPLETELY, AND MEANINGFULLY
2.4 PRINCIPLE
4: INSTITUTIONS SHOULD DEVELOP RECOVERY STRATEGIES AND SET RECOVERY TIME OBJECTIVES FOR CRITICAL BUSINESS FUNCTIONS
2.5 PRINCIPLE
5: INSTITUTIONS SHOULD UNDERSTAND AND APPROPRIATELY MITIGATE INTERDEPENDENCY RISK OF CRITICAL BUSINESS FUNCTIONS
2.6 PRINCIPLE
6: INSTITUTIONS SHOULD PLAN FOR WIDE AREA DISRUPTIONS
2.7 PRINCIPLE
7: INSTITUTIONS SHOULD PRACTISE A S EPARATION POLICY TO MITIGATE CONCENTRATION RISK OF CRITICAL BUSINESS FUNCTIONS
Download
PDF Ebook Business Continuity Management Guidelines
