The latest business continuity news from around the world

The US Federal Financial Institutions Examination Council (FFIEC) has published a revised Business Continuity Planning Booklet, which is part of the FFIEC Information Technology Examination Handbook. The update consists of the addition of a new appendix, entitled ‘Strengthening the Resilience of Outsourced Technology Services’.

The BCP Booklet contains guidance to assist examiners in evaluating financial institution and service provider risk management processes to ensure the availability of critical financial services. The booklet also was designed to provide guidance to financial institutions about the implementation of their business continuity planning processes.

The new appendix highlights that a financial institution’s reliance on third-party service providers to perform or support critical operations does not relieve a financial institution of its responsibility to ensure that outsourced activities are conducted in a safe and sound manner. An effective third-party management program should provide the framework for financial institution management to identify, measure, monitor, and mitigate the risks associated with outsourcing. Specifically, a financial institution should ensure that its third-party service providers do not negatively affect its ability to appropriately recover IT systems and return critical functions to normal operations in a timely manner. The appendix highlights and strengthens the BCP Booklet in four specific areas:

  • Third-party management
  • Third-party capacity
  • Testing with third-party technology service providers
  • Cyber resilience.

The revision can be read here (PDF).


Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.