ALASTAIR CLARK EXECUTIVE DIRECTOR, BANK OF ENGLAND

Size: px
Start display at page:

Download "ALASTAIR CLARK EXECUTIVE DIRECTOR, BANK OF ENGLAND"

Transcription

1 Remarks by ALASTAIR CLARK EXECUTIVE DIRECTOR, BANK OF ENGLAND Contingency Planning and Disaster Recovery for the Financial Services Sector Conference Questions to be addressed in contingency planning and disaster recovery 29 January 2002

2 2 Introduction The question of contingency planning and disaster recovery has, unfortunately, acquired a higher profile and a higher priority since the events of 11 September. This is true not just in relation to financial services our focus today but also for transport, power, water, telecommunications and so on. It is an issue for firms, for infrastructure providers both public and private, and for the public authorities. In these brief remarks I certainly cannot cover all of the territory. But I will try to map out some of the main questions which, at least as we see things in the Bank, need to be addressed. I am sure later speakers will pick up on the various themes and discuss in more detail what is being done, and how far we, collectively, have been able to come up with satisfactory responses. And I would emphasise that this is very much a joint public/private sector task. The public sector has a major contribution to make but much of the work inevitably falls to the private sector. Background Perhaps the first point to make is that, although 11 September has greatly increased the attention paid to contingency planning, it is not of course a new issue. It has been a long-standing part of good business practice in mitigating operational risk; and regulators have routinely monitored and assessed the robustness of firms facilities and systems, and their capacity to withstand shocks. But recent experience, as well as providing an all-too-graphic illustration of the kind of problems which can arise, has also raised questions about the basis on which these assessments have typically been made. In particular, it has raised questions about robustness in the face of disruption affecting many parts of the financial system at once. A second point now widely recognised, I believe, but worth repeating is that despite the scale of the destruction on 11 September, the US and the global financial systems for the most part responded very well. Much of the credit must go to individuals and private firms, but it also belongs to the US public authorities and especially to the Federal Reserve. There is much to learn from what did and what did not function effectively in New York, and those lessons are now being absorbed. That said, we clearly need to guard against simply fighting the last war. The nature of any future incident is very likely to be different. A third observation is that the - sometimes derided - preparations for Y2K proved fortuitously to be of value in the quite different context of 11 September. Although the nature of the Y2K threat, the predictability of its timing, and so on, all distinguished it from what happened on 11 September,

3 3 there were nevertheless some important similarities. Both involved actual or potential disruption of firms and market infrastructure; both were accompanied by uncertainties about the exact nature of the threat; both involved the wider economy not just the financial sector; both raised issues about the coordination of public and private sector action; and both raised the question of what central banks and regulators needed to do to maintain market functioning. Although Y2K turned out, for whatever reason, to be a bit of a non-event, the preparations nevertheless ensured that many of these questions had received serious consideration. One final point. 11 September demonstrated that wider financial problems, not just operational problems, can arise in the aftermath of a major incident. These included, for example, the sudden withdrawal of insurance cover, and the sudden downturn in air traffic with the associated cash flow and credit issues for airlines. Both demanded an urgent response. Increasingly, too, there is a question of just where the financial hit from a major incident will be felt, given the growing capacity of markets to slice up and redistribute risk. And beyond all this, of course, there was and still is uncertainty about the wider impact on economic prospects nationally and internationally. Some specific issues So much for general background. Let me talk briefly about some more specific issues we have identified in our own post-11 September discussions. I say our own discussions because the public authorities in the UK - as in most other countries I am sure - have been conducting a thorough review of contingency arrangements. For the financial sector, this work falls mainly to the Treasury, the Bank and the FSA and it has been coordinated through the so-called tripartite Standing Committee, set up as part of the new institutional arrangements introduced in 1997 for maintaining financial stability. The first issue which has emerged as perhaps the single most important concern is communication. Communication here means communication about who is doing what to increase the robustness of the financial system in anticipation of a problem; but also, and crucially, it means communication amongst relevant firms, regulators, service providers, central banks and finance ministries after an incident has occurred. There are important sub-issues about the mechanics of communication how it is to be maintained if normal channels have been disrupted? What, for example, are the relative strengths and weaknesses of telephone land lines versus mobile networks? What part might satellite phones play? And what about internet and links, which had a critical role in New York. But communication also raises the question of what information is likely to be useful. The potential range here is too wide to try to be specific and comprehensive in

4 4 advance. But it certainly includes, for example, information about how to get in touch with key people, about the immediate financial position of firms, and about who has the necessary powers, and discretion to exercise them, in circumstances of crisis. Much work is underway to provide answers to these questions, even if only in a provisional way, through a so-called information clearing house. There are plans to launch a prototype, probably based on a web site, in the near future. A second important message coming out of 11 September was the need to consider continuity of staffing as well as continuity of physical systems. Most directly to put it brutally this is the question of how to continue operations if key personnel are killed or incapacitated, or if, for some reason, they cannot be contacted. This issue arose in a stark form for several firms on 11 September. There is probably no entirely satisfactory strategy to cope with this threat; the expense and the motivational difficulties of maintaining shadow management and operational capability are probably too great. Nevertheless there are some approaches which, at least for major international firms, may provide some degree of protection. They may, for example, be able to switch activity from one financial centre to another where staff in both are involved in similar if not identical areas of business. Whatever the approach, perhaps the real point is that the need to address this issue is now much more widely recognised. A third key consideration, and in many ways the most obvious, is the adequacy or otherwise of physical contingency plans, which typically depend at least in part on maintaining remote back-up sites. The issues here are complex. All regulated firms certainly all major market participants are required by their regulators to demonstrate that they have realistic arrangements for coping with various kinds of operational risk, of which destruction or inaccessibility of key operational sites is clearly one example. Ensuring, so far as possible, that these arrangements work not just in principle but also in practice is essential. There were some cases after 11 September where back-up sites or systems did not, for a variety of reasons, operate as planned. But as well as these issues relevant to individual firms, there is a question about whether the financial system as a whole is likely to prove robust. How far might the plans of individual firms, which taken on their own look entirely sensible, turn out to be inadequate or inconsistent when looked at in aggregate. Might the whole, so to speak, be less than the sum of the parts? One aspect of this is the issue of co-dependencies single points of failure affecting many different parts of the system. In the context of contingency sites, this would arise if, for example, several different firms had contracted with a single supplier for access to a particular site which clearly could not, however, be occupied by all of them at once. Choosing a contingency site also gives rise to the dilemma of whether it is best located close to the

5 5 primary site more easily accessible but more likely to be affected by an event which takes out the primary site or remote and prospectively therefore inaccessible even if it remains intact. My fourth point is that many of the same issues arise in relation to public infrastructure, such as transport, power, water, telecommunications and so on. The relevant suppliers - who are actually now for the most part in the private sector - have also been reviewing their contingency arrangements, including the question of how far their facilities are vulnerable to single points of failure. One of the key challenges is to make sure that consumers have access to relevant information about this infrastructure, while recognising the confidentiality and sensitivity of some of that information and its potential value to terrorists. The experience in New York demonstrated, however, how vital the maintenance or restoration of infrastructure services was to the functioning of Wall Street. In the UK, the Corporation of London has played a very helpful role in bringing together the public infrastructure suppliers relevant to the City and, in conjunction with the management company, to Canary Wharf. Judith Mayhew will, I know, be explaining this more fully later today. A fifth issue is what sort of contingency it is sensible or realistic to plan for in other words, how big an event contingency arrangements should be designed to handle. At one end of the spectrum, there are clearly incidents which may be highly disruptive and damaging for individual firms but which are unlikely to have any significant knock-on effects. For contingencies at that level, any response is very largely a matter for the individual firm. At the other end of the spectrum, there are contingencies which are prospectively so damaging that maintenance of the financial system, or at least the financial system in anything but a rudimentary form, is unlikely to figure high on the list of priorities. This would most obviously be the case with, say, a nuclear attack. What point to aim for between these two extremes is perhaps impossible to say? There may, however, be a slightly different approach - namely to focus on the elements, the building blocks, of a response applicable in a wide range of circumstances, rather than on a particular scenario. It may then, nevertheless, be sensible to test out these building blocks in the face of different possible scenarios, to see at what points and in what ways the contingency arrangements are likely to come under strain. Drawing once more on the experience of 11 September, my sixth point is the need for clear guidance to be given on the practical aspects of market functioning in circumstances of crisis, and on what adjustments to normal practice are acceptable. In New York in many cases these adjustments were discussed and agreed by the relevant market associations and notified to the regulators. This approach has many attractions, because practitioners specialising in a particular area are much more likely than anyone else to know what is important, and what will work and what will not. Market

6 6 associations need; however, to have sufficient standing so that their conclusions, even if not binding in a strictly legal sense, are nevertheless accepted in practice. This approach also, of course, requires that market associations with the relevant capacity exist for each of the major markets, whether for foreign exchange, equities, government bonds or whatever. In London, we are in the middle of a programme of discussions with market associations on how they might handle 11 September-type market dislocation, with a view to supplementing existing procedures or, where necessary, putting new procedures in place. Since the public sector and specifically the Bank is a participant in a number of these markets, this is an exercise in which we are closely involved. Finally, while I have mentioned the general issue of public/private sector cooperation and will not say any more about it now, there is one additional issue relevant especially to central banks. One of the reasons why financial markets were able to keep going so well after 11 September was the Fed s policy of providing very large amounts of liquidity to banks which found that their normal payment flows were disrupted. Without this, there is no doubt that the financial and economic repercussions of the attack would have been much more serious. The arrangements for providing this liquidity raise a number of issues, however, for example where firms operate in a variety of currencies in a number of different countries but also and more generally assessing the risks associated with unsecured lending. Lending on this basis became almost unavoidable on 11 September given that the assets which would normally be used as collateral were unavailable with the disruption to the custody and securities handling machinery. These are judgements which can probably only be made on a case-by-case basis in the circumstances of the time. But with the amounts prospectively involved, they are judgements which central banks, and indeed other market participants, are bound to take extremely seriously. Closing remarks Let me finish with just a couple of additional observations. First, I think we are all aware of the need to move beyond analysis and discussion to action. And there has been a good deal of action by various of the parties involved in contingency planning. Keeping everyone in touch with what is going on is, however, a challenge in itself and one of which the Bank, the Treasury and the FSA are all very well aware. That is part of the motivation for the information clearing house idea. It is also one of the reasons why John Trundle and I from the Bank, and tomorrow Paul Wright from the FSA, are pleased to be able to talk to groups such as this. Whatever the technique, the strengthening of communication channels between firms, and between the private sector and public sector, is essential. And it is also essential, in the financial sector

7 7 perhaps as much as in any other, that the international aspects of contingency planning are recognised. Second, some of the issues raised are, however, technically or in terms of the prospective cost/benefit balance, difficult to call and further work is needed before any sort of plan can sensibly be decided. There is no point in diverting effort into a half-baked proposal which quickly turn out to be inadequate or unworkable. That is a major part of what we are involved in now. Some of the results will I am sure be discussed in the next two days; others will no doubt be the basis for similar conferences in future!

ISSUES PAPER PAYMENT SYSTEMS BUSINESS CONTINUITY

ISSUES PAPER PAYMENT SYSTEMS BUSINESS CONTINUITY ISSUES PAPER PAYMENT SYSTEMS BUSINESS CONTINUITY 10 May 2005 ISSUES PAPER PAYMENT SYSTEMS BUSINESS CONTINUITY TABLE OF CONTENTS Executive Summary 3 Introduction 4 Evolution of Core Principle VII 4 1. Formulation

More information

Section A: Introduction, Definitions and Principles of Infrastructure Resilience

Section A: Introduction, Definitions and Principles of Infrastructure Resilience Section A: Introduction, Definitions and Principles of Infrastructure Resilience A1. This section introduces infrastructure resilience, sets out the background and provides definitions. Introduction Purpose

More information

GUIDELINES FOR BUSINESS CONTINUITY IN WHOLESALE MARKETS AND SUPPORT SYSTEMS MARKET SUPERVISION OFFICE. October 2004

GUIDELINES FOR BUSINESS CONTINUITY IN WHOLESALE MARKETS AND SUPPORT SYSTEMS MARKET SUPERVISION OFFICE. October 2004 GUIDELINES FOR BUSINESS CONTINUITY IN WHOLESALE MARKETS AND SUPPORT SYSTEMS MARKET SUPERVISION OFFICE October 2004 1 1. Introduction Guaranteeing the efficiency and correct operation of money and financial

More information

Diana L. Taylor New York State Banking Superintendent Financial Services O&I Subcommittee 10/20/03

Diana L. Taylor New York State Banking Superintendent Financial Services O&I Subcommittee 10/20/03 Diana L. Taylor New York State Banking Superintendent Financial Services O&I Subcommittee 10/20/03 Thank you Members of the Committee. I welcome the opportunity to submit this testimony on how the New

More information

Success or Failure? Your Keys to Business Continuity Planning. An Ingenuity Whitepaper

Success or Failure? Your Keys to Business Continuity Planning. An Ingenuity Whitepaper Success or Failure? Your Keys to Business Continuity Planning An Ingenuity Whitepaper May 2006 Overview With the level of uncertainty in our world regarding events that can disrupt the operation of an

More information

Statement of Guidance

Statement of Guidance Statement of Guidance Foreign Exchange Risk Management 1. Statement of Objectives To provide a standard of best practice to banks for the implementation of an effective and sound Foreign Exchange Risk

More information

Business Continuity Planning and Disaster Recovery Planning

Business Continuity Planning and Disaster Recovery Planning 4 Business Continuity Planning and Disaster Recovery Planning Basic Concepts 1. Business Continuity Management: Business Continuity means maintaining the uninterrupted availability of all key business

More information

Unit Guide to Business Continuity/Resumption Planning

Unit Guide to Business Continuity/Resumption Planning Unit Guide to Business Continuity/Resumption Planning (February 2009) Revised June 2011 Executive Summary... 3 Purpose and Scope for a Unit Business Continuity Plan(BCP)... 3 Resumption Planning... 4 Assumptions

More information

Cloud Software Services for Schools

Cloud Software Services for Schools Cloud Software Services for Schools Supplier self-certification statements with service and support commitments Please insert supplier details below Supplier name Address Contact name Contact email Contact

More information

Monetary Authority of Singapore BUSINESS CONTINUITY MANAGEMENT GUIDELINES

Monetary Authority of Singapore BUSINESS CONTINUITY MANAGEMENT GUIDELINES Monetary Authority of Singapore BUSINESS CONTINUITY MANAGEMENT GUIDELINES June 2003 TABLE OF CONTENTS 1.0 INTRODUCTION... 1 1.1 READINESS IS YOUR ONLY PROTECTION... 1 1.2 APPLICATION OF THE GUIDELINES...

More information

Supervisory Policy Manual

Supervisory Policy Manual This module should be read in conjunction with the Introduction and with the Glossary, which contains an explanation of abbreviations and other terms used in this Manual. If reading on-line, click on blue

More information

The Joint Commission Approach to Evaluation of Emergency Management New Standards

The Joint Commission Approach to Evaluation of Emergency Management New Standards The Joint Commission Approach to Evaluation of Emergency Management New Standards (Effective January 1, 2008) EC. 4.11 through EC. 4.18 Revised EC. 4.20 Emergency Management Drill Standard Lewis Soloff

More information

Contingency Planning in ICSA Member Countries

Contingency Planning in ICSA Member Countries Contingency Planning in ICSA Member Countries Australia In an effort to review and upgrade Australia s capacity to deal with threats to critical infrastructure, the government has formed a Trusted Information

More information

Each section has handy hints and advice on completing your plan along with links to further information which you can download and print.

Each section has handy hints and advice on completing your plan along with links to further information which you can download and print. Information on business continuity plans for businesses with 10 or fewer employees You will find that it is quick, easy and inexpensive to create a business continuity plan. This is a basic five-step guide

More information

RISK MANAGEMENT GUIDANCE FOR GOVERNMENT DEPARTMENTS AND OFFICES

RISK MANAGEMENT GUIDANCE FOR GOVERNMENT DEPARTMENTS AND OFFICES RISK MANAGEMENT GUIDANCE FOR GOVERNMENT DEPARTMENTS AND OFFICES GOVERNMENT ACCOUNTING SECTION DEPARTMENT OF FINANCE MARCH 2004 Risk Management Guidance CONTENTS Pages List of guidelines on risk management

More information

Managing cyber risk the global banking perspective

Managing cyber risk the global banking perspective 1 Managing cyber risk the global banking perspective Speech given by Andrew Gracie, Executive Director, Resolution, Bank of England British Bankers Association Cyber Conference, London 10 June 2014 2 I

More information

Disaster Recovery. 1.1 Introduction. 1.2 Reasons for Disaster Recovery. EKAM Solutions Ltd Disaster Recovery

Disaster Recovery. 1.1 Introduction. 1.2 Reasons for Disaster Recovery. EKAM Solutions Ltd Disaster Recovery Disaster Recovery 1.1 Introduction Every day, there is the chance that some sort of business interruption, crisis, disaster, or emergency will occur. Anything that prevents access to key processes and

More information

AUSTRACLEAR REGULATIONS Guidance Note 10

AUSTRACLEAR REGULATIONS Guidance Note 10 BUSINESS CONTINUITY AND DISASTER RECOVERY The purpose of this Guidance Note The main points it covers To assist participants to understand the disaster recovery and business continuity arrangements they

More information

Business Continuity Planning advice for Businesses with 50-250 employees

Business Continuity Planning advice for Businesses with 50-250 employees Business Continuity Planning advice for Businesses with 50-250 employees Where to begin? A business continuity plan should consist of a business and contingencies analysis. It needs to be developed by

More information

A Guide to Carrying Out a SWOT Analysis Introduction

A Guide to Carrying Out a SWOT Analysis Introduction A Guide to Carrying Out a SWOT Analysis Introduction Resource 1.4 A SWOT (strengths, weaknesses, opportunities and threats) analysis is often done as part of the process of developing a business plan or

More information

Challenges to Central Banking from Globalized Financial Systems. Discussant s comments by Michael Reddell Reserve Bank of New Zealand 1 On

Challenges to Central Banking from Globalized Financial Systems. Discussant s comments by Michael Reddell Reserve Bank of New Zealand 1 On Challenges to Central Banking from Globalized Financial Systems Conference at the IMF in Washington, D.C., September 16 17, 2002 Discussant s comments by Michael Reddell Reserve Bank of New Zealand 1 On

More information

Statement of Guidance

Statement of Guidance Statement of Guidance Business Continuity Management All Licensees 1. Statement of Objectives 1.1. To enhance the resilience of the financial sector and to minimise the potential impact of a major operational

More information

" # $% "%&$& Lesley Fayers Exercising the BCP workbook.doc Page 1 of 12

 # $% %&$& Lesley Fayers Exercising the BCP workbook.doc Page 1 of 12 ! " # $% "%&$& Lesley Fayers Exercising the BCP workbook.doc Page 1 of 12 Objectives...3 1. Why run an exercise?...3 2. What sort of exercises are there?...3 Call Tree:...4 Walk Through:...4 Table Top:...4

More information

Business Continuity Management Policy and Plan

Business Continuity Management Policy and Plan Business Continuity Management Policy and Plan Version No Author Date of Update 0.3 Allan Jude and Charmaine Grundy 05/06/2015 1 P a g e Contents Contents... 2 1. Introduction... 3 2. Purpose... 4 3. Definitions...

More information

RISK MANAGEMENT REPORT (for the Financial Year Ended 31 March 2012)

RISK MANAGEMENT REPORT (for the Financial Year Ended 31 March 2012) RISK MANAGEMENT REPORT (for the Financial Year Ended 31 March 2012) Integrated Risk Management Framework The Group s Integrated Risk Management Framework (IRMF) sets the fundamental elements to manage

More information

Keynote Speech. Beth Dugan Deputy Comptroller for Operational Risk. The Clearing House s First Operational Risk Colloquium

Keynote Speech. Beth Dugan Deputy Comptroller for Operational Risk. The Clearing House s First Operational Risk Colloquium Keynote Speech by Beth Dugan Deputy Comptroller for Operational Risk at The Clearing House s First Operational Risk Colloquium February 11, 2015 Washington, D.C. Thank you. It s an honor to be invited

More information

Good afternoon, Dr Khoo Kah Siang, President of the Life Insurance Association, distinguished

Good afternoon, Dr Khoo Kah Siang, President of the Life Insurance Association, distinguished "A Safe, Vibrant and Purposeful Life Insurance Industry" - Keynote Address by Guest of Honour Ms Loo Siew Yee, Executive Director, Monetary Authority of Singapore at the Life Insurance Association Singapore

More information

Continuity of Operations Planning. A step by step guide for business

Continuity of Operations Planning. A step by step guide for business What is a COOP? Continuity of Operations Planning A step by step guide for business A Continuity Of Operations Plan (COOP) is a MANAGEMENT APPROVED set of agreed-to preparations and sufficient procedures

More information

Business Continuity Plan Toolkit

Business Continuity Plan Toolkit Business Continuity Plan Toolkit March 2015 1 Contents The Template instructions for use... 2 Introduction... 3 What is the purpose of this toolkit?... 3 Why do you need a Business Continuity Plan?...

More information

Enhancing the resilience of the Bank of England s Real-Time Gross Settlement infrastructure

Enhancing the resilience of the Bank of England s Real-Time Gross Settlement infrastructure 316 Quarterly Bulletin 2014 Q3 Enhancing the resilience of the Bank of England s Real-Time Gross Settlement infrastructure By Ed Kelsey and Simon Rickenbach of the Bank s Market Services Division. (1)

More information

Business Continuity Planning at Financial Institutions

Business Continuity Planning at Financial Institutions Business Continuity Planning at Financial Institutions July 2003 Bank of Japan Table of Contents Introduction...2 1 The Bank s View of Business Continuity Planning 1) Significance of business continuity

More information

Final Draft/Pre-Decisional/Do Not Cite. Forging a Common Understanding for Critical Infrastructure. Shared Narrative

Final Draft/Pre-Decisional/Do Not Cite. Forging a Common Understanding for Critical Infrastructure. Shared Narrative Final Draft/Pre-Decisional/Do Not Cite Forging a Common Understanding for Critical Infrastructure Shared Narrative March 2014 1 Forging a Common Understanding for Critical Infrastructure The following

More information

Disaster Preparedness & Response

Disaster Preparedness & Response 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 A B C E INTRODUCTION AND PURPOSE REVIEW ELEMENTS ABBREVIATIONS NCUA REFERENCES EXTERNAL REFERENCES Planning - Ensuring

More information

IT Disaster Recovery Plan Template. By Paul Kirvan, CISA, CISSP, FBCI, CBCP

<Client Name> IT Disaster Recovery Plan Template. By Paul Kirvan, CISA, CISSP, FBCI, CBCP IT Disaster Recovery Plan Template By Paul Kirvan, CISA, CISSP, FBCI, CBCP Revision History REVISION DATE NAME DESCRIPTION Original 1.0 2 Table of Contents Information Technology Statement

More information

Guidance on Arrangements to Support Operational Continuity in Resolution. Consultative Document

Guidance on Arrangements to Support Operational Continuity in Resolution. Consultative Document Guidance on Arrangements to Support Operational Continuity in Resolution Consultative Document 3 November 2015 ii The Financial Stability Board ( FSB ) is seeking comments on its Consultative Document

More information

Keyperson Insurance KEEPING IT ALL GOING. A Guide to Keyperson Insurance

Keyperson Insurance KEEPING IT ALL GOING. A Guide to Keyperson Insurance Keyperson Insurance KEEPING IT ALL GOING A Guide to Keyperson Insurance INTRODUCING ROYAL LONDON Ever since we started as a Friendly Society over 150 years ago, at Royal London we ve believed that our

More information

Financial Stability Report Press Conference. Tuesday 5 th July Opening Remarks by the Governor

Financial Stability Report Press Conference. Tuesday 5 th July Opening Remarks by the Governor Financial Stability Report Press Conference Tuesday 5 th July 2016 Opening Remarks by the Governor Today, I want to outline how the Financial Policy Committee (FPC) is ensuring that the financial system

More information

THE ROLE OF LEAD GOVERNMENT DEPARTMENTS IN PLANNING FOR AND MANAGING CRISES

THE ROLE OF LEAD GOVERNMENT DEPARTMENTS IN PLANNING FOR AND MANAGING CRISES THE ROLE OF LEAD GOVERNMENT DEPARTMENTS IN PLANNING FOR AND MANAGING CRISES THE FRAMEWORK FOR ACTION 1. Most incidents are handled at a local level by the emergency services and by the appropriate local

More information

Chapter I: Fundamentals of Business Continuity Management

Chapter I: Fundamentals of Business Continuity Management Chapter I: Fundamentals of Business Continuity Management Objectives Define Business Continuity Management (BCM) Define the relationship between BCM and risk management Review BCM responsibilities Identify

More information

This chapter is an excerpt from Protecting Your Library s Digital Sources: The Essential Guide to Planning and Preservation by Miriam B. Kahn.

This chapter is an excerpt from Protecting Your Library s Digital Sources: The Essential Guide to Planning and Preservation by Miriam B. Kahn. This chapter is an excerpt from Protecting Your Library s Digital Sources: The Essential Guide to Planning and Preservation by Miriam B. Kahn. Published by ALA Editions Copyright 2004 American Library

More information

DISASTER RECOVERY PLANNING FOR CITY COMPUTER FACILITIES

DISASTER RECOVERY PLANNING FOR CITY COMPUTER FACILITIES APPENDIX 1 DISASTER RECOVERY PLANNING FOR CITY COMPUTER FACILITIES March 2008 Auditor General s Office Jeffrey Griffiths, C.A., C.F.E. Auditor General City of Toronto TABLE OF CONTENTS EXECUTIVE SUMMARY...1

More information

Framework for an Aviation Security Management System (SeMS)

Framework for an Aviation Security Management System (SeMS) Framework for an Aviation Security Management System (SeMS) CAP 1223 Civil Aviation Authority 2014 All rights reserved. Copies of this publication may be reproduced for personal use, or for use within

More information

Presentation to IMHX: What is the right approach to Black Swan events?

Presentation to IMHX: What is the right approach to Black Swan events? Presentation to IMHX: What is the right approach to Black Swan events? A presentation by Transport Intelligence to IMHX, Birmingham John Manners-Bell, CEO 21 st March 2013 1. About Ti Established in 2002

More information

Offsite Disaster Recovery Plan

Offsite Disaster Recovery Plan 1 Offsite Disaster Recovery Plan Offsite Disaster Recovery Plan Presented By: Natan Verkhovsky President Disty Portal Inc. 2 Offsite Disaster Recovery Plan Introduction This document is a comprehensive

More information

Business Continuity and Disaster Recovery for Law Firms CAROLINE POYNTON

Business Continuity and Disaster Recovery for Law Firms CAROLINE POYNTON Business Continuity and Disaster Recovery for Law Firms CAROLINE POYNTON PUBLISHED BY IN ASSOCIATION WITH Contents Executive summary... VII The regulatory landscape...vii Part One Business Continuity

More information

Kuala Lumpur, Malaysia, 25 26 May 2010. Report

Kuala Lumpur, Malaysia, 25 26 May 2010. Report Cooperative Arrangement for the Prevention of Spread of Communicable Disease through Air travel (CAPSCA) Workshop / Seminar on Aviation Business Continuity Planning Kuala Lumpur, Malaysia, 25 26 May 2010

More information

Polish Financial Supervision Authority. Guidelines

Polish Financial Supervision Authority. Guidelines Polish Financial Supervision Authority Guidelines on the Management of Information Technology and ICT Environment Security for Insurance and Reinsurance Undertakings Warsaw, 16 December 2014 Table of Contents

More information

Zurich, 13 December 2007. Introductory remarks by Philipp Hildebrand

Zurich, 13 December 2007. Introductory remarks by Philipp Hildebrand abcdefg News conference Zurich, 13 December 2007 Introductory remarks by Philipp Hildebrand Six months ago, when our Financial Stability Report was published, I stated that "the global financial system

More information

NHS Lancashire North CCG Business Continuity Management Policy and Plan

NHS Lancashire North CCG Business Continuity Management Policy and Plan Agenda Item 12.0. NHS Lancashire North CCG Business Continuity Management Policy and Plan Version 2 Page 1 of 25 Version Control Version Reason for update 1.0 Draft for consideration by Executive Committee

More information

IBM index reveals key indicators of business continuity exposure and maturity

IBM index reveals key indicators of business continuity exposure and maturity IBM Global Technology Services Business Continuity and Resiliency Services IBM index reveals key indicators of business continuity exposure and maturity Will a more holistic approach to business continuity

More information

PAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA

PAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA 1 Chapter-4: Business Continuity Planning and Disaster Recovery Planning PAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA Learning Objectives 2 To understand the concept of Business Continuity Management To understand

More information

Operational Risk. The new FSA requirements. Contents. February 2004

Operational Risk. The new FSA requirements. Contents. February 2004 Operational Risk The new FSA requirements February 2004 Contents Purpose Definition of OR by FSA Factors to take into account Business functions within a company with individual OR plans for their function

More information

FORMULATING YOUR BUSINESS CONTINUITY PLAN

FORMULATING YOUR BUSINESS CONTINUITY PLAN WHITE PAPER Page 0 Planning for the Worst Case Scenario: FORMULATING YOUR BUSINESS CONTINUITY PLAN 9 Wing Drive Cedar Knolls, NJ 07927 www.nac.net Page 1 Table of Contents Overview... 2 What is Disaster

More information

IT Disaster Recovery Plan Template

IT Disaster Recovery Plan Template HOPONE INTERNET CORP IT Disaster Recovery Plan Template Compliments of: Tim Sexton 1/1/2015 An information technology (IT) disaster recovery (DR) plan provides a structured approach for responding to unplanned

More information

Business Continuity Planning

Business Continuity Planning Business Continuity Planning We believe all organisations recognise the importance of having a Business Continuity Plan, however we understand that it can be difficult to know where to start. That s why

More information

: Chief Executive Officers of all Licensed Commercial Banks, Primary Dealers, Central Depository Systems (Pvt) Ltd. and LankaClear (Pvt.) Ltd.

: Chief Executive Officers of all Licensed Commercial Banks, Primary Dealers, Central Depository Systems (Pvt) Ltd. and LankaClear (Pvt.) Ltd. March 29, 2006 BCP Guidelines No: 01/2006 To : Chief Executive Officers of all Licensed Commercial Banks, Primary Dealers, Central Depository Systems (Pvt) Ltd. and LankaClear (Pvt.) Ltd. Introduction

More information

FACT SHEET: Ransomware and HIPAA

FACT SHEET: Ransomware and HIPAA FACT SHEET: Ransomware and HIPAA A recent U.S. Government interagency report indicates that, on average, there have been 4,000 daily ransomware attacks since early 2016 (a 300% increase over the 1,000

More information

Business continuity strategy

Business continuity strategy Business continuity strategy 2009 2012 Table of contents 1 Why this strategy is needed 3 2 Aim of the strategy 4 3 Our approach to business continuity 4 PROCESS 4 STRUCTURE 5 DOCUMENTATION 6 DISRUPTION

More information

Debt Solution Overview 2

Debt Solution Overview 2 Contents Debt Solution Overview 2 Debt Management What is a Debt Management Plan? 3 What are the benefits of a Debt Management Plan? 3 How does it work? 3 What debts can be included in a plan? 4 What debts

More information

PBSi Business Continuity Planning

PBSi Business Continuity Planning Business Continuity Planning Definition Business Continuity planning is a planning process designed to reduce the risk that disruptive failures or events could seriously harm your business. It is designed

More information

White Paper AN INTRODUCTION TO BUSINESS CONTINUITY PLANNING AND SOLUTIONS FOR IT AND TELECOM DECISION MAKERS. Executive Summary

White Paper AN INTRODUCTION TO BUSINESS CONTINUITY PLANNING AND SOLUTIONS FOR IT AND TELECOM DECISION MAKERS. Executive Summary AN INTRODUCTION TO BUSINESS CONTINUITY PLANNING AND SOLUTIONS FOR IT AND TELECOM DECISION MAKERS Executive Summary Today s businesses rely heavily on voice communication systems and data networks to such

More information

BUSINESS CONTINUITY GUIDE FOR SMALL BUSINESSES

BUSINESS CONTINUITY GUIDE FOR SMALL BUSINESSES INTRODUCTION BUSINESS CONTINUITY GUIDE FOR SMALL BUSINESSES Organisations that have a business continuity capability are far more likely to survive the effects of a major incident than those that don t.

More information

Executive Suite Series An Akamai White Paper

Executive Suite Series An Akamai White Paper An Akamai White Paper Plan vs. Panic: Making a DDoS Mitigation Playbook Part of Your Incident Response Plan Introduction When a huge Distributed Denial-of-Service (DDoS) attack took down the Website of

More information

Emergency Response and Business Continuity Management Policy

Emergency Response and Business Continuity Management Policy Emergency Response and Business Continuity Management Policy Owner: John Duffy, Registrar & Secretary Last updated: September 2012 Version: 04 Document control Date Version Author Changes To be populated

More information

Risks and uncertainties

Risks and uncertainties Risks and uncertainties Our risk management approach We have a well-established risk management methodology which we use throughout the business to allow us to identify and manage the principal risks that

More information

Lecture 4: The Aftermath of the Crisis

Lecture 4: The Aftermath of the Crisis Lecture 4: The Aftermath of the Crisis 2 The Fed s Efforts to Restore Financial Stability A financial panic in fall 2008 threatened the stability of the global financial system. In its lender-of-last-resort

More information

Consider the cash demands of a financial institution's customers; Anticipate funding needs in late 1999 and early 2000;

Consider the cash demands of a financial institution's customers; Anticipate funding needs in late 1999 and early 2000; AL 98-18 Subject: Year 2000 Q&A Guidance Date: December 10, 1998 TO: hief Executive Officers of National Banks, Federal Branches, Service Providers, Software Vendors, Department and Division Heads, and

More information

Business Continuity Planning at the Bank of Japan

Business Continuity Planning at the Bank of Japan Business Continuity Planning at the Bank of Japan Bank of Japan September 2003 I. Introduction 1 The September 11 terrorist attacks in the United States have demonstrated the significance of business continuity

More information

Emergency management in Cardiff. A practical guide

Emergency management in Cardiff. A practical guide Emergency management in Cardiff A practical guide Emergency management in Cardiff Introduction It is very unlikely that any of us will ever be caught up in an emergency or disaster, but by being informed

More information

Business Continuity Management Policy and Plan

Business Continuity Management Policy and Plan Business Continuity Management Policy and Plan 1 Page No: Contents 1.0 Introduction 3 2.0 Purpose 3 3.0 Definitions 4 4.0 Roles, Duties & Responsibilities 4 4.1 Legal And Statutory Duties, Responsibilities

More information

Helping businesses source finance

Helping businesses source finance SUPPORTING BUSINESS - SOURCING FINANCE Helping businesses source finance Helping businesses source finance These are challenging times for every business. The economic environment has changed and many

More information

ASX CLEAR (FUTURES) OPERATING RULES Guidance Note 10

ASX CLEAR (FUTURES) OPERATING RULES Guidance Note 10 BUSINESS CONTINUITY AND DISASTER RECOVERY The purpose of this Guidance Note The main points it covers To assist participants to understand the disaster recovery and business continuity arrangements they

More information

Strengthening APRA s Crisis Management Powers. ASX Submission

Strengthening APRA s Crisis Management Powers. ASX Submission Strengthening APRA s Crisis Management Powers ASX Submission 14 December 2012 Contents Executive Summary... 3 1. ASX supports a statutory management regime for FMIs which applies to overseas and domestic

More information

Evaluation of the Railroad Retirement Board s Disaster Recovery Plan Report No. 06-08, August 14, 2006 INTRODUCTION

Evaluation of the Railroad Retirement Board s Disaster Recovery Plan Report No. 06-08, August 14, 2006 INTRODUCTION Evaluation of the Railroad Retirement Board s Disaster Recovery Plan Report No. 06-08, August 14, 2006 INTRODUCTION This report presents the results of the Office of Inspector General s evaluation of the

More information

GUIDANCE NOTE FOR DEPOSIT-TAKERS. Operational Risk Management. March 2012

GUIDANCE NOTE FOR DEPOSIT-TAKERS. Operational Risk Management. March 2012 GUIDANCE NOTE FOR DEPOSIT-TAKERS Operational Risk Management March 2012 Version 1.0 Contents Page No 1 Introduction 2 2 Overview 3 Operational risk - fundamental principles and governance 3 Fundamental

More information

Business Continuity Management. Christoph Stute Guatemala 28 29 March 2012

Business Continuity Management. Christoph Stute Guatemala 28 29 March 2012 Financial Risk Management and Business Continuity Management Christoph Stute Guatemala 28 29 March 2012 Financial Risk Management Christoph Stute Guatemala 28 29 March 2012 Risk Management in Banks Regulatory

More information

Regulatory Framework for Disaster Recovery Planning for the ICT Industry

Regulatory Framework for Disaster Recovery Planning for the ICT Industry Regulatory Framework for Disaster Recovery Planning for the ICT Industry Kingdom of Saudi Arabia Regulatory Framework for Disaster Recovery Planning for the ICT Industry Page 1 of 6 1. INTRODUCTION 1.1

More information

Disability Sport Events DSE EVENTS CONTINGENCY PLAN

Disability Sport Events DSE EVENTS CONTINGENCY PLAN Disability Sport Events DSE EVENTS CONTINGENCY PLAN Part I. Introduction Part I contains information about this document, which provides the written record of DSE s Contingency Plan. Introduction to This

More information

The U.S. Economy after September 11. 1. pushing us from sluggish growth to an outright contraction. b and there s a lot of uncertainty.

The U.S. Economy after September 11. 1. pushing us from sluggish growth to an outright contraction. b and there s a lot of uncertainty. Presentation to the University of Washington Business School For delivery November 15, 2001 at approximately 8:05 AM Pacific Standard Time (11:05 AM Eastern) By Robert T. Parry, President and CEO of the

More information

Preparing for the Resolution of a Troubled Bank. Have Your Toolkit Ready

Preparing for the Resolution of a Troubled Bank. Have Your Toolkit Ready Preparing for the Resolution of a Troubled Bank Have Your Toolkit Ready Plans are nothing; planning is everything. Outline of Presentation Planning for a bank resolution as part of your overall contingency

More information

Business-critical Insurance

Business-critical Insurance Business-critical Insurance Identifying those insurances that support the business and its strategy Guide 2015 Contents Introduction... 4 Categories of insurance... 5 Determining which insurance covers

More information

ASX SETTLEMENT OPERATING RULES Guidance Note 10

ASX SETTLEMENT OPERATING RULES Guidance Note 10 BUSINESS CONTINUITY AND DISASTER RECOVERY The purpose of this Guidance Note The main points it covers To assist participants to understand the disaster recovery and business continuity arrangements they

More information

Disaster Recovery. Tips for business survival. A Guide for businesses looking for disaster recovery November 2005

Disaster Recovery. Tips for business survival. A Guide for businesses looking for disaster recovery November 2005 Disaster Recovery Tips for business survival A Guide for businesses looking for disaster recovery November 2005 Page 1 of 9 Introduction The aim of this paper is to highlight the importance of having a

More information

Information Security in the undergraduate curriculum

Information Security in the undergraduate curriculum Information Security in the undergraduate curriculum Chris Mitchell Royal Holloway, University of London www.isg.rhul.ac.uk/~cjm 1 Background I Some years ago, computer hacking was mainly done for fun.

More information

Business Continuity Planning. A guide to loss prevention

Business Continuity Planning. A guide to loss prevention Business Continuity Planning A guide to loss prevention There are many statistics quoted about the effect that a lack of planning for a disaster has on a business. What s certain is that any unplanned

More information

Financial Services Authority. FSA CP13/7: High-level proposals for an FCA regime for consumer credit. A Response by Credit Action

Financial Services Authority. FSA CP13/7: High-level proposals for an FCA regime for consumer credit. A Response by Credit Action Financial Services Authority FSA CP13/7: High-level proposals for an FCA regime for consumer credit A Response by Credit Action Background Credit Action is a national financial capability charity (registered

More information

Risk management + Strategic planning IT TAKES AN ENTIRE ORGANIZATION

Risk management + Strategic planning IT TAKES AN ENTIRE ORGANIZATION 1 Risk management + Strategic planning IT TAKES AN ENTIRE ORGANIZATION Background 2 Technology has become the central component of business operations Businesses have become more vulnerable to risks associated

More information

BITS GUIDE TO CONCENTRATION RISK

BITS GUIDE TO CONCENTRATION RISK BITS GUIDE TO CONCENTRATION RISK IN OUTSOURCING RELATIONSHIPS BITS A DIVISION OF THE FINANCIAL SERVICES ROUNDTABLE 1001 PENNSYLVANIA AVENUE, NW SUITE 500 SOUTH WASHINGTON, DC 20004 202-289-4322 WWW.BITS.ORG

More information

The European and UK Space Agencies

The European and UK Space Agencies The European and UK Space Agencies A response to the House of Commons Science and Technology Select Committee April 2013 Introduction The Royal Academy of Engineering is pleased to submit evidence to the

More information

Although designed in a check-the-box format, the worksheet does not replace thoughtful and informed analysis.

Although designed in a check-the-box format, the worksheet does not replace thoughtful and informed analysis. Appendix D Year 2000: Credit Risk Assessment Worksheet Y2K Credit Risk Assessment Worksheet Page 1 Information The purpose of this worksheet is to help credit officers assess the level of a business borrower

More information

Cloud Software Services for Schools

Cloud Software Services for Schools Cloud Software Services for Schools Supplier self-certification statements with service and support commitments Please insert supplier details below Supplier name Address Contact name Contact email Contact

More information

BUSINESS CONTINUITY OVERSIGHT EXPECTATIONS FOR SYSTEMICALLY IMPORTANT PAYMENT SYSTEMS (SIPS)

BUSINESS CONTINUITY OVERSIGHT EXPECTATIONS FOR SYSTEMICALLY IMPORTANT PAYMENT SYSTEMS (SIPS) BUSINESS CONTINUITY OVERSIGHT EXPECTATIONS FOR SYSTEMICALLY IMPORTANT PAYMENT SYSTEMS (SIPS) TABLE OF CONTENTS EXECUTIVE SUMMARY 1 INTRODUCTION 2 EVOLUTION OF CORE PRINCIPLE VII 2 IMPLEMENTATION 4 1 FORMULATION

More information

Guidelines 1 on Information Technology Security

Guidelines 1 on Information Technology Security Guidelines 1 on Information Technology Security Introduction The State Bank of Pakistan recognizes that financial industry is built around the sanctity of the financial transactions. Owing to the critical

More information

ICT Disaster Recovery Plan

ICT Disaster Recovery Plan 7 Appendix A ICT Disaster Recovery Plan Definition of a Disaster A computer disaster is the occurrence of any computer system or associated event which causes the interruption of business, leading in the

More information

Business Continuity Overcome the Challenges

Business Continuity Overcome the Challenges Business Continuity Overcome the Challenges A briefing paper by Phoenix IT Infrastructure Support Services Inspiring Partnership Contents Introduction 3 The Business Case 4 Cost Effective Solutions 7 Selling

More information

www.pwc.co.uk Information Security Breaches Survey 2013

www.pwc.co.uk Information Security Breaches Survey 2013 www.pwc.co.uk Information Security Breaches Survey 2013 Agenda and contents About the survey Security breaches increase External versus insider threats Understanding and communicating risks Implementation

More information

Unit 3 Cyber security

Unit 3 Cyber security 2016 Suite Cambridge TECHNICALS LEVEL 3 IT Unit 3 Cyber security Y/507/5001 Guided learning hours: 60 Version 1 September 2015 ocr.org.uk/it LEVEL 3 UNIT 3: Cyber security Y/507/5001 Guided learning hours:

More information

Critical Infrastructure Security and Resilience

Critical Infrastructure Security and Resilience U.S. Department of Homeland Security in partnership with the National Coordination Office for Space-Based Positioning, Navigation and Timing Critical Infrastructure Security and Resilience International

More information

Cloud Software Services for Schools

Cloud Software Services for Schools Cloud Software Services for Schools Supplier self-certification statements with service and support commitments Please insert supplier details below Supplier name Address Isuz Ltd. trading as Schoolcomms

More information

NHS 111 National Business Continuity Escalation Policy

NHS 111 National Business Continuity Escalation Policy NHS 111 National Business Continuity Escalation Policy 1 NHS England INFORMATION READER BOX Directorate Medical Operations Patients and Information Nursing Policy Commissioning Development Finance Human

More information