Murphy’s Law and Business Continuity Plans
Any seasoned IT pro can recount stories where seemingly insignificant components or very rare events brought down critical systems. Perhaps it was...
2 min read
Stephanie Goetz : Nov 22, 2019
On November 14, FFIEC updated and renamed its business continuity handbook from Business Continuity Planning to Business Continuity Management. (Check out the updated handbook here.) The updates were principally focused on increasing an institutions resilience against cyber threats. We commonly hear about cyber threats in the news and may be the most likely reason we would need to execute a business continuity plan these days.
If you’re wondering what a modern, large scale cyber-attack would look like, this 2018 Wired article on Notpetya paints a pretty good scenario.
Here are five things you can do to boost your plan’s effectiveness in a cyber scenario and prepare for compliance with the new guidance:
The extent to which you exercise and test your plan should be driven by your institutions risk tolerance and its size and complexity. Your tests should validate the integrity and availability of data for critical systems, that your recovery timeframes are achievable, and that you can process the anticipated level of transactions. Also, test that the physical and environmental controls of your backup facility. Exercise the quality of decision making, communication protocols, cross departmental coordination and run through procedures at your recovery site.
If you’re looking for help with business continuity planning, incident response, or would like someone to lead and facilitate a tabletop exercise give us a call at 833-297-7681 or email us at support@bedelsecurity.com.
Any seasoned IT pro can recount stories where seemingly insignificant components or very rare events brought down critical systems. Perhaps it was...
So what Benefit is there in a Business Impact Analysis?