Business Continuity
When you handle data, financial data, and settlement data particularly, from the risk management perspective, and the management of operational risks, the increase in the frequency and value of transactions is a factor that leads to higher operational risks for those involved.
Transaction delays/failures constitute one of the most significant inherent risks in transactional and branch banking operations.
These risks may arise from a wide variety of causes, including cybercrime, human error, computer system failure, disruption in electricity supply, natural disasters (volcano eruption, floods, tsunami, and earthquakes), fire, riots, and bomb threats.
The failure of a company/institution in anticipating or responding appropriately to these risk factors may lead to potential losses for the company and its customers. Even worse, these risks may trigger a systemic risk to the national settlement system. (Think the SWIFT fiasco and similar events last year)
Having a detailed risk mitigation plan is a key aspect to ensure continuing successful operational activities.
An in-depth Business Continuity Plan (BCP) for implementation at all locations and at all levels is vital.
These days, just addressing the infrastructure is not enough. A BCP typically includes a multi data center, dual call center, satellite and land line telecommunications system and network for telephone and cable optics lines, and Disaster Recovery Center.
Some even consider power to ensure the continuous supply of electricity to the Data Center. Some are designed to be fed from two different electricity main transformers with an independent generator serving as back up. The multi data centers act as a main and a back-up of data center in times of outages. Periodically, these data centers change roles; the backup become the main and vice versa to ensure smooth switching in time of disruption.
A BCP also covers emergency situations that might endanger the employees, physical documents and assets, and the operational premises. These situations can include fires, floods, earthquakes, bomb threats, riots and pandemic breakouts.
To ensure that the BCP functions as intended at the time of need, companies should conduct tests and simulation exercises on a regular, as well as on a surprise basis. (once your plan is mature)
But that alone is not enough anymore. Companies need to be cognizant of their risks, and backup data at least daily, and even hourly, and from multiple locations. Companies need to back up their critical functions, even their service desk(s), and companies must proactively test their security.
Today, just about every company has a cyber awareness/cyber security plan. A comprehensive assessment of your business architecture, and your vulnerabilities is vital to assuring your day to day business is safe and you address your vulnerabilities. At Techworks, for instance, we evaluate infrastructure security controls, policies, and procedures. We perform vulnerability and penetration testing to identify weakness in your current security approach and make recommendations to reduce risk for our clients.
When your day to day is secure, your Continuity is safe.
It is estimated that actual losses incurred due to operational risk factors in 2016 went up 27% globally and is continually rising, as companies struggle to maintain a grasp on new threats as they arise.
Success in minimizing operational losses can almost always be attributed to effective systems and procedures, reliable technology, proper and adequate internal control, an awareness of risk mitigation at each work level, and perhaps most important of all, the full support and commitment from top-level management on down.
Comments