Transcript Slide 1
IMPLEMENTING BUSINESS CONTINUITY: A BANK OF ENGLAND PERSPECTIVE
STEPHEN P COLLINS
BANK OF ENGLAND

EFFECTIVE PLANNING
FOR AN EFFECTIVE CONTINGENCY PLAN, YOU NEED TO:
• Understand your business – what are the key activities?
• Assess the impact – on your institution and on others – of not being able to carry them out.
• Establish recovery time objectives – the point where loss of a key activity becomes critical to the business.
• Estimate what is required to provide an acceptable level of service, eg:
  - minimum staffing levels over time
  - minimum work-station and telephony requirements over time
  - minimum PC and server requirements over time
  - application requirements over time

RESILIENCE MEASURES
• Planning
• Testing/Exercising
• Contingency Sites
• IT Resilience
• Split-Site Working
• Remote Access
• BlackBerries

SCENARIO PLANNING
What are we planning for? Five possible types of event:
• SERVICES: Loss of power, water, sewage to Bank locations
• COMMUNICATIONS: Loss or severe degradation of public and/or private telephone networks, including mobile networks
• SYSTEMS: Acute systems failure (eg successful virus attack)
• STAFF: Significant numbers of staff unable/unwilling to travel to work (eg transport disruption, civil emergency, flu pandemic)
• PREMISES: Loss of access to single or multiple Bank locations (eg fire/flood/bomb/something worse)

HIERARCHY OF PLANS
• Bank of England uses an integrated 3-tier structure of business continuity plans
  – High level plan
    • Used by executive and senior management: provides an outline plan of action, assigns responsibilities, identifies key people, and sets out who will be involved in the recovery process. Written and maintained by Business Continuity Division.
  – Core and Crisis Function checklists
    • Each function has an individual Action Summary checklist which briefly sets out the key actions required to cover each function. These are brief, cut across areas, and are in note format. Set format, but maintained by lead areas.
  – Local area plans
    • These set out what each area needs to do in the aftermath of an operational disruption, and who is responsible. Covers both core/crisis functions and other functions. Are more detailed and cover a longer time frame. We do not impose any set format for these plans.

Business Continuity planning – structure and ownership
[Diagram. Column titles: Drafting and testing responsibilities; Plan ownership. Labels: Executive Team; Local Area management; High Level Plan; Business Continuity Division; Core and crisis functions action checklists; BCD and local areas; All Staff; Local area plans]

WHY TEST?
• To check the assumptions implicit in your plan
• To check that all parties have sufficient knowledge of the plan, and that the plan is adequately documented
• To check that proposed actions are achievable
• To check business resilience
• To check that strategies, technology are appropriate
• To generate confidence in the plan

WHAT SHOULD YOU TEST?
• Processes, not individuals
• Communication strategies
  – External interaction (customers, media, etc)
  – Contacting staff
• Plan content
  – Logical, realistic, no assumptions
• Interdependencies
  – Internal & external, including links with civil authorities
• Technology solutions
  – Component level, data centres, data restoration
• Alternative locations
  – Recovery sites, reciprocal arrangements

GENERIC FORMS OF TESTS
• Review of local area plans (do they complement or conflict?). Undertaken by a third party.
• Tabletop walk-through. Undertaken by the people mentioned in the plan – talk-through a given scenario. Focus on training, familiarisation with roles, procedures, responsibilities. But no need to arrange elaborate facilities or communications.
• Simulation. Uses a predefined scenario. May be announced or unannounced. As realistic as possible. Takes place in real time. May bring in “players” to act the roles of external bodies. May test facilities, communications, systems. All decisions and actions generate real responses and consequences from other players
• Tests of kit, individual processes, premises.

Types of tests used at the Bank of England
• Phone cascades
• Desk-top scenario walk-throughs
• ‘Acted-out’ exercises (testing crisis functions)
• ‘Real-time’ scenario-based crisis management exercises (both internal and market-wide)
• Connectivity (kit) tests
• ‘Invacuation’ and ‘evacuation’ tests
• Live working from contingency sites

MARKET WIDE EXERCISE - HISTORY
• Annual exercise to test the resilience of financial sector.
• First MWE in 2003
• Previous scenarios have included floods, and bombs – desktop and live-exercise simulation.

MWE 2006
• Human influenza pandemic.
• 70 UK firms took part with some 4,000 participants.
• Largest ever business continuity exercise.
• 6 week “rising tide” scenario covering several months in exercise time.
  – Starting at WHO stage 4 (limited human-to-human transmission) to stage 6 (widespread, worldwide impact.)

THE TRIPARTITE AUTHORITIES
HM TREASURY
BANK OF ENGLAND
FINANCIAL SERVICES AUTHORITY

SCHEMATIC OF TRIPARTITE/MARKET LIAISON FOR CRISIS MANAGEMENT
[Diagram. Labels, in the order they appear: GOVERNMENT/EMERGENCY SERVICES; COBR; HMT Gold; DMO; TRIPARTITE AUTHORITIES; Standing Committee; BC Sub-Group; Tripartite Press Group; FSA liaison; BoE liaison; FSC website/Teleconference; CMBCG; All Firms; Members/Participants; Exchanges; Clearing Houses; FINANCIAL PRIVATE SECTOR; Settlement systems; Counterparties; Markets; Payment Systems; MMLG; FXJSC; Other groups]
Key to the diagram:
• Tripartite elements
• Tripartite/market elements
• Wider government elements
• Tripartite/government elements
• Tripartite/market info. exchange
• Tripartite/wider government links
• Tripartite info. to market

GLOSSARY
• BC Sub-Group – Business Continuity Sub-Group of the Tripartite Sub-Committee
• FSA – Financial Services Authority
• BoE – Bank of England
• HMT – Her Majesty’s Treasury
• DMO – Debt Management Office
• COBRA – Cabinet Office Briefing Room
• Gold – Strategic Planning Committee
• FSC – Financial Sector Continuity Website (www.fsc.gov.uk)
• CMBCG – Cross Market Business Continuity Group
• MMLG – Money Markets Liaison Group
• FXJSC – Foreign Exchange Joint Standing Committee