The members of the Federal Financial Institutions Examination Council (FFIEC) today emphasized that examiners understand how management of banks and other regulated entities, including depository financial institutions, nonbank financial institutions, bank holding companies, and third-party service providers, have prepared their operations to avoid disruptions and to recover services.
The updated Business Continuity Management booklet focuses on enterprise-wide approaches that address technology, business operations, testing, and communication strategies critical to the continuity of the business. The booklet describes principles and practices for information technology (IT) and operations designed to achieve safety and soundness, consumer financial protection, and compliance with applicable laws, regulations, and rules.
As the booklet makes clear, business continuity focuses on more than just the planning process to recover operations after an event. Business continuity also includes the continued maintenance of systems and controls for the resilience and continuity of operations. Business continuity is an integral part of the risk management life cycle of an entity’s systems, processes, and operations.
The Business Continuity Management booklet describes principles to help examiners determine whether management addresses risks related to the availability of critical financial products and services. The booklet uses common terms and builds on widely used standards to facilitate effective supervision. The updated examination procedures will also help examiners assess the adequacy of an entity’s overall business continuity management program.
The Business Continuity Management booklet is part of the FFIEC Information Technology Examination Handbook (IT Handbook) and replaces the Business Continuity Planning booklet issued in February 2015.
The IT Handbook is available at (opens new window).
Business Continuity Management booklet (opens new window) (PDF)
|Federal Reserve||Darren Gersh||202.452.2955|