BCP (Business Continuity Plan)



Similar documents
TOCOM s Approach to the Business Continuity Plan (BCP)

Business Continuity Planning at Financial Institutions

Business Continuity and Disaster Recovery Planning

Business Continuity Plan

LiveOn Web Conference System Service Terms of Use

Assessment of natural hazards, man made hazards, technical and societal related risks and associated impact.

NHS 24 - Business Continuity Strategy

IT Disaster Recovery Plan Template

SECTION 15 INFORMATION TECHNOLOGY

RESERVE BANK OF VANUATU OPERATIONAL RISK MANAGEMENT

JUMP START DISASTER RECOVERY PLAN FOR HOSPITALITY

Disaster Recovery Planning Process

KPMG Information Risk Management Business Continuity Management Peter McNally, KPMG Asia Pacific Leader for Business Continuity

HIPAA Information Security Overview

PAPER-6 PART-3 OF 5 CA A.RAFEQ, FCA

Risk Assessment Guide

Information Technology Policy

INFORMATION TECHNOLOGY ENGINEER V

Management Standards for Information Security Measures for the Central Government Computer Systems

NCUA LETTER TO CREDIT UNIONS

<Client Name> IT Disaster Recovery Plan Template. By Paul Kirvan, CISA, CISSP, FBCI, CBCP

IT Disaster Recovery and Business Resumption Planning Standards

Business Continuity Management Policy and Plan

South West Lincolnshire NHS Clinical Commissioning Group Business Continuity Policy

Offsite Disaster Recovery Plan

HIPAA Security Alert

Chapter 4 Information Security Program Development

JANSSEN PARTNERS, INC. Business Continuity Plan (BCP)

Creating a Business Continuity Plan

University of California, Riverside Computing and Communications. IS3 Local Campus Overview Departmental Planning Template

Rajan R. Pant Controller Office of Controller of Certification Ministry of Science & Technology rajan@cca.gov.np

Business Continuity Planning in IT

NHS Lancashire North CCG Business Continuity Management Policy and Plan

Business Continuity Management

Information Security Management: Business Continuity Planning. Presentation by Stanislav Nurilov March 9th, 2005 CS 996: Info. Sec. Mgmt.

Disaster Recovery. Hendry Taylor Tayori Limited

BUSINESS CONTINUITY MANAGEMENT REQUIREMENTS FOR SGX MEMBERS NEW RULES FOR INCLUSION IN SGX-ST RULES

IM-93-1 ADP System Security Requirements and Review Process - Federal Guidelines

HIPAA Security. 6 Basics of Risk Analysis and Risk Management. Security Topics

Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session Four

Business Continuity Policy & Plans

Business Continuity Planning (BCP) / Disaster Recovery (DR)

Business Continuity Management Policy and Plan

Information Security Program

Issue 1.0. UoG/ILS/IS 001. Information Security and Assurance Policy. Information Security and Compliance Manager

Disaster Recovery Planning

Disaster Recovery & Business Continuity Dell IT Executive Learning Series

1.3 The Terms are accepted by the Customer upon registration or ordering of the Products or renewal of any such subscription.

HIPAA Security. 2 Security Standards: Administrative Safeguards. Security Topics

HIPAA COMPLIANCE AND DATA PROTECTION Page 1

Business Resiliency Business Continuity Management - January 14, 2014

Ohio Supercomputer Center

Abhi Rathinavelu Foster School of Business

Decision on adequate information system management. (Official Gazette 37/2010)

SAMPLE HIPAA/HITECH POLICIES AND PROCEDURES MANUAL FOR THE SECURITY OF ELECTRONIC PROTECTED HEALTH INFORMATION

Business Continuity Planning for Risk Reduction

OCC 98-3 OCC BULLETIN

BUSINESS CONTINUITY PLANNING GUIDELINES

Operational Risk Management Policy

Disaster Recovery Plan (DRP) / Business Continuity Plan (BCP)

Information Security Management System. Business Continuity and Disaster Recovery Plan Policy. The Smart Cube. Description Change

Business Continuity Planning Preparing Your Organization

PROCEDURE FOR SECURITY RISK MANAGEMENT IN PPC S.A. INFORMATION TECHNOLOGY SYSTEMS DA-1

Security Basics: A Whitepaper

An organization properly establishes and operates its control over risks regarding the information system to fulfill the following objectives:

Business Continuity Planning at the Bank of Japan

INFORMATION TECHNOLOGY SECURITY STANDARDS

University of Central Florida Class Specification Administrative and Professional. Information Security Officer

micros MICROS Systems, Inc. Enterprise Information Security Policy (MEIP) August, 2013 Revision 8.0 MICROS Systems, Inc. Version 8.

ISO Controls and Objectives

SUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)

Managing IT Security with Penetration Testing

Beyond Effective Security. The Art and Science of Business Continuity Planning

Disaster Recovery 81 Success Secrets. Copyright by Michelle Stein

Business Unit CONTINGENCY PLAN

THORNBURG INVESTMENT MANAGEMENT THORNBURG INVESTMENT TRUST. Business Continuity Plan

STEP-BY-STEP BUSINESS CONTINUITY AND EMERGENCY PLANNING MAY

Information Technology Engineers Examination. Information Security Specialist Examination. (Level 4) Syllabus

CyberEdge. Desired Coverages. Application Form. Covers Required. Financial Information. Company or Trading Name: Address: Post Code: Telephone:

Risk mitigation for business resilience White paper. A comprehensive, best-practices approach to business resilience and risk mitigation.

Terms and Conditions of International Money Transfer Transactions by Card Members

WHITE PAPER. HIPAA-Compliant Data Backup and Disaster Recovery

INFORMATION TECHNOLOGY CONTROLS

Transcription:

(Translation) BCP (Business Continuity Plan) September 26, 2008 Tokyo Financial Exchange Inc. Tokyo Financial Exchange Inc. ( TFX ) has been committed in establishing a system which ensures stable and continued operation of its business in case of emergency. As part of such efforts, TFX has defined its action plan in the case of system failure or other emergencies through publication of Contingency Plan for System Failure and Other Emergencies. Meanwhile, TFX has recognized recent years increasing needs for a specific program to cope with various risks which threaten the TFX s business continuity, such as major earthquakes and terrorisms. Accordingly it has established the Business Continuity Plan ( BCP ) as summarized below. The BCP sets out the TFX s policies and actions to secure its business continuity against risk exposures that could lead to suspension of the TFX s operating functions. It is TFX s policy that it makes the BCP available not only to Trading Members, but also to information vendors and other external institutions and organizations concerned, to the extent that the disclosure does not affect the TFX s security. TFX believes that allowing them to have knowledge of the TFX s following policies and actions before any event actually occurs will enhance the effect of the BCP. The BCP will be reviewed and updated once every year. 1. Basic policy about BCP The BCP is designed to clarify the TFX s basic policy for securing its business continuity on a company wide basis. In case of any risk exposure, the TFX will endeavor to continue its trading business as far as possible, and minimize the impact on the Trading Members and institutions and organizations concerned.

Should TFX be compelled to suspend trading, a quick and effective recovery will be sought. 2. Scope (1) Assumed risks The following risks are assumed to cause suspension of TFX s operation: Natural disaster (including earthquakes, damage by wind and floods, epidemics) Breakdown of social infrastructures (including electricity and telecommunications systems) Cyber-terrorism (including virus attack, data tampering, unauthorized access) Terrorrism (including destructive acts and threats by pre-notice) System failure (hardware and software) Other disasters (including fires) (2) Scope of application The BCP is applied to the TFX s officers and employees, personnel of system developers and system operation contractors, and system facilities. In addition, TFX will endeavour to obtain understandings of BCP from the Trading Members, information vendors and other institutions and organizations concerned, to ensure a close cooperation with them in case of emergency. 3. Actions Each occurrence of emergency is classified to, either, wider area disaster, 2

localized damage, or system failure, depending on its nature, as described below: (1) Wider area disaster A wider area disaster means a disaster, including but not limited to major earthquake, which causes damages to more than one (1) TFX facilities simultaneously. In the case of occurrence of a wider area disaster, the following steps shall be followed: (i) Gathering information, and understanding the situation (including securing of contacts with Trading Members, information vendors and external institutions and organizations concerned) (ii) Holding an action plan meeting (iii) Determining the action plan (including determining whether or not alternate operation or switch to data center is necessary) (iv) Arranging recovery In the case of occurrence of a wider area disaster, operation will be transferred to a backup office, and the Interest Rate Futures trading system will be switched to a disaster recovery site (hereinafter referred to as DR Site ). If the Exchange System suffered a serious failure, Contingency Plan for System Failure and Other Emergencies shall be applied. (2) Localized damage A localized damage means a disaster suffered by any one (1) single TFX facility due to terrorism or other cause. In the event of localized damage, the same steps as set out in (1) Wider area disaster above shall be followed. 3

If the Exchange System suffered a serious failure, Contingency Plan for System Failure and Other Emergencies shall be applied. (3) System failure A system failure means a situation where the Exchange System has become unavailable due to failure of hardware, software and the like. 4. BCP operation system To operate the BCP, the following system and infrastructures will be established and maintained. (1) Safety confirmation system In case of disaster, safety of the TFX s officers and employees will be confirmed promptly, and a safety confirmation system will be introduced to secure necessary manpower. (2) Ensuring of telecommunications tools In order to secure communications in case of disaster, TFX will be ready for a variety of telecommunications means, including but not limited to, telephone, facsimile, priority telephone for times of disaster, mobile phone and e-mail. Further, TFX shall exchange contact lists with the Trading Members, information vendors, and external institutions and organizations concerned. (3) Backup office TFX will prepare a backup office, in which it will continue its trading business in case that its offices have become unavailable. (4) Data center 4

TFX s core system will be placed in a robust data center, which not only fully meets the system standards prescribed by The Center for Financial Industry Information Systems (FISC) (so-called FISC Security Guidelines on Computer Systems for Financial Institutions ) but also has obtained a validation of ISO27001 certification system (information security management system). However, in case that a disaster has occurred and the data center for the Interest Rate Futures trading system becomes unavailable, TFX will switch the trading operation to DR Site and will continue trading. In addition, TFX will have an external backup of necessary data to secure continued operation in case of disaster. (5) Manuals TFX will prepare and maintain manuals (including manuals for holding action plan meetings) to quickly respond to a disaster. (6) BCP operation test and training Switch to a backup office and to the DR Site will be tested and trainings will be given to TFX officers and employees at least once every year, to consolidate knowledge of steps to be taken in case of disaster. Disclaimer: This English version is not an officially accurate translation of the original Japanese BCP. In the case where any differences may occur in the English version, the original Japanese BCP will prevail. Tokyo Financial Exchange, Inc. (TFX) shall not accept any responsibility for damage or loss caused by any errors, inaccuracies, misunderstandings or misspelling with regard to the translation of the BCP. This translation may be used only for reference purposes. TFX maintains the right to claim compensation from violators for any damages loss it may suffer from the violation of these conditions. 5

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information