Business continuity planning (BCP) has long been not only a regulatory requirement, but an area of increasing regulatory scrutiny. As institutions outsource operating functions, you should be certain that your BCP extends to not only internal operations, but your outsourced vendors as well as the vendors’ sub-servicers.
The problem most institutions face with their BCP is what to plan for. On one end of the spectrum, there are extreme events that could shut down the entire U.S. What if hackers could disable the entire electrical grid? Would your BCP help? Probably not. On the other extreme, what happens if you have a vendor that goes out of business? Do you have a plan for transitioning to another vendor? Is that plan part of your BCP? You always need to be prepared for changes in operations. Another problem is determining if your BCP, when activated, would work. Hours of classroom training won’t solve that problem. Testing is expected and essential.
What should your BCP cover and how can you assess the adequacy of your plan? First, have you considered how to prioritize enterprise-wide business objectives and the critical operations that are essential for recovery if you activate your BCP? Remember, you can’t have a plan that covers extremes. And you shouldn’t rely on BCP for operational issues. Second, does your BCP involve the right critical processes, business units, departments, and systems that must respond to disruptions? Third, have you identified the most actionable recovery solutions that should and can be implemented? Fourth, does your BCP include both short-term and long-term recovery operations?
Please join Gary Deutsch as he discusses how to assess the adequacy of your institution’s BCP to not only meet regulatory requirements, but also to address the realities of developing, implementing, and maintaining cost-effective BCP.
WHAT YOU’LL LEARN
This webinar will cover:
- What should be included in your business impact analysis
- How to evaluate the process and assumptions for identifying risks that should shape your BCP
- How to evaluate the process of identifying, assessing, and reducing risk to an acceptable level through the development, implementation, and maintenance of a written, enterprise-wide BCP
- Evaluating the adequacy of your BCP risk monitoring and testing process to ensure that the BCP remains viable
- How to identify other policies, standards, and processes that should be integrated into the BCP process
- AND MUCH MORE!
YOUR CONFERENCE LEADER
Your conference leader for " Business Continuity Planning: Conducting a Risk Assessment” is Gary Deutsch, president, BRT Publications LLC. Mr. Deutsch is a licensed CPA in Maryland and has a B.A. in accounting and an MBA in finance from Loyola University Maryland. He has also achieved the Certified Management Accountant, Certified Internal Auditor and Certified Bank Auditor designations. Mr. Deutsch is the founder and president of BRT Publications LLC. Mr. Deutsch has trained thousands of financial institution professionals in all aspects of risk management and has written numerous books in the U.S. and Europe on topics such as credit risk, internal audit and compliance with Generally Accepted Accounting Principles. Mr. Deutsch has extensive risk management and internal audit experience through his association with financial institutions of all sizes as well as through his role leading the KPMG financial institution consulting practice in the Mid-Atlantic region.