FFIEC revises Business Continuity Management Booklet to focus more on resilience

Published: Tuesday, 19 November 2019 10:07

The US Federal Financial Institutions Examination Council (FFIEC) has updated its Business Continuity Management Booklet to bring it in-line with the increased industry focus on resilience.

The update aims to assist examiners to understand how management of banks and other regulated entities have prepared their operations to avoid disruptions and to recover services. Updated examination procedures will also help examiners assess the adequacy of an entity’s overall business continuity management program.

The revised  Business Continuity Management booklet focuses on enterprise-wide approaches that address technology, business operations, testing, and communication strategies critical to the continuity of the business. The booklet describes principles and practices for information technology ¬†and operations designed to achieve safety and soundness, consumer financial protection, and compliance with applicable laws, regulations, and rules.

As the booklet now makes clear, business continuity focuses on more than just the planning process to recover operations after an event. Business continuity also includes the continued maintenance of systems and controls for the resilience and continuity of operations. Business continuity is an integral part of the risk management life cycle of an entity’s systems, processes, and operations.

The Business Continuity Management booklet is part of the FFIEC Information Technology Examination Handbook (IT Handbook) and replaces the Business Continuity Planning booklet issued in February 2015.

The IT Handbook is available at http://ithandbook.ffiec.gov/