Printer FriendlyInactive Financial Institution Letters
FIL-71-2019
November 14, 2019
November 14, 2019
Updated FFIEC IT Examination Handbook - Business Continuity Management Booklet
Printable Format:
Summary:
The Federal Financial Institutions Examination Council (FFIEC) issued the Business Continuity Management (BCM) booklet, which is part of the FFIEC Information Technology Examination Handbook. The booklet replaces the Business Continuity Planning booklet issued in February 2015.
Statement of Applicability to Institutions under $1 Billion in Total Assets: This Financial Institution Letter (FIL) applies to all FDIC-supervised financial institutions.
Highlights:
- The BCM booklet describes principles and practices for managing business continuity. The booklet also helps examiners determine whether management adequately addresses risks related to the availability of critical financial products and services.
- The booklet also contains updated procedures to help examiners evaluate the adequacy of an entity's business continuity management program.
- The change from business continuity planning to business continuity management reflects the expanded role information technology (IT) plays in supporting business operations and meeting customer expectations.
- The booklet focuses on assessing an entity's resilience through an enterprise risk management (ERM) perspective that considers technology, business operations, communication strategies, training, testing, maintenance, and improvement — issues critical to business continuity. The degree of maturity, integration and documentation between the BCM and ERM processes should be assessed commensurate with the entity's size, complexity, and risk profile.
- The incorporation of industry principles and frameworks provides examiners with a durable means to assess business continuity management. The changes do not impose new requirements on examined entities.
Distribution:
- FDIC-supervised financial institutions and their service providers
Suggested Routing:
- Chief Executive Officer
- Chief Information Officer
- Chief Information Security Officer
Related Topics:
Contact:
- Henry Jumonville, Sr. Examination Specialist (IT), (202) 898-3676 or hjumonville@fdic.gov
Note:
Access FDIC Financial Institution Letters (FILs) on the FDIC's website
Subscribe to receive FILs electronically
Paper copies of FDIC FILs may be obtained through the FDIC's Public Information Center, 3501 Fairfax Drive, E-1002, Arlington, VA 22226 (1-877-275-3342 or 703-562-2200).