Chapter 9 - Business Continuity

Abstract

Business continuity planning (BCP) is a methodology for planning how to deal with unforeseen disruptions in financial business processes. These disruptions are expected to be of a large scale, such as the disaster of September 11, only 5% of the time; more often than not, disruptions are minor and on a much smaller scale. These smaller disruptions may be due to short-term power outages, fires, disk drive failures, or computer viruses. Regardless, the firm must make a plan based on a thorough analysis of all scenarios that may affect its normal working, and create and test contingency and recovery measures for such situations. This chapter discusses the salient parts of a BCP, which constitutes a strategy for recovering from sudden and unexpected disruption of critical business functionalities. Business continuity and disaster recovery became more important after the occurrence of the September 11, 2001, terrorist attacks in New York, which led to widespread failure in financial systems. Developing a business continuity and disaster recovery plan requires setting aside resources and treating the development of the plan as a project for the firm. Once the analysis has been conducted and strategies have been formulated, the plan must be tested using simulated emergency scenarios. These scenarios are also important when it comes to industry-wide testing, which has become more of a focus recently as firms in financial sectors across the world become more deeply interlinked. While it is crucial for each firm to have its own business continuity plan, it is just as important for the industry as a whole to protect its infrastructure, since systems of each firm are intricately linked together in an STP environment.