Skip to main content

What are the FFIEC Guidelines for a Credit Union Disaster Recovery Test?

17366-80ffa0c0

byKirk Drake

If you do not work for a credit union, bank or other financial institution than this post probably won’t be much use. If you work in the financial services industry and want to know what the regulatory requirements for a Disaster Recovery test are – this post is for you.

The FFIEC, or the Federal Financial Institution Examination Council is a group made up of all of the financial industry regulator bodies. The NCUA, FDIC, OTS and others all sit on the council and work to provide consistent audit guidelines across all agencies. There areseven key elements that should be part of any Disaster Recovery test according to the FFIEC.

  • Roles and responsibilitiesshould be specifically defined
  • BIA and risk assessmentshould serve as the foundation of the testing program,
  • Enterprise-wide testing should be conductedat least annually
  • Testing should be viewed as acontinuously evolving cycle
  • Mitigation strategies should sustain the business until permanent operations are reestablished
  • The testing program should bereviewed by an independent party
  • Test results arecompared against the BCPto identify any gap

Randall Smith