Identifying credit union technology gaps for a faster recovery

by Ongoing Operations

by: Mark Komnik

Conducting a Business Impact Analysis (BIA) is the first step in building your Business Continuity Program.  The BIA report describes potential risks and the projected financial impact to the credit union when a business disruption or disaster occurs.  Equally important, though, it also outlines processes and functions within each department and functional areas and ranks them according to criticality, which helps to determine the needs/requirements to sustain business during the disruption.  Each identified process and function has a stated Recovery Time Objective (RTO) – the period of time within which systems, applications or functions must be recovered after a disruption, and a stated Recovery Point Objective (RPO) – the maximum amount of data loss an organization can sustain during an event.   The RTO and RPO can be determined by conducting a Risk Assessment.

After you’ve determined the RTO and RPO for the identified processes, it’s time to determine the actuals (RTA/RPA).  The actuals can only be exposed by disaster and business disruption rehearsals.  There is always a recovery gap between the actuals (RTA/RPA) and objectives introduced by various manual and automated steps to restore the process.  It’s necessary to review those gaps and find ways to minimize them as much as possible.  In some cases, you may even be able to eliminate them.

With so many processes, where do you start?  Start by identifying the processes with common supporting systems.  Email, for example, is one of the most critical communication tools, and many business processes are dependent upon it – especially during a disaster.  If your credit union currently runs an in-house email server, try utilizing Hosted Exchange instead, all business processes with email as a supporting system would benefit by having a faster RTO and higher RPO.  It would be one less system for IT to recover during an event, and would eliminate any recovery gap that exists with your current plan.  Because of the high availability of a hosted solution, it would also reduce the impact it would cause to your members and the credit union by allowing you to communicate more effectively.

continue reading »

Featured