Applicability: This letter applies to all institutions supervised by the Federal Reserve, including those with $10 billion or less in consolidated assets.
The Federal Financial Institutions Examination Council (FFIEC) has revised the February 2015 version of the "Business Continuity Management" (BCM) booklet of the FFIEC Information Technology Examination Handbook (IT Handbook). The BCM booklet is one of 11 booklets that make up the IT Handbook.
This booklet discusses BCM governance and its related components, including resilience; strategies, and plan development; training and awareness; exercises and tests; maintenance and improvement; and reporting for the board of directors. Additionally, this booklet outlines the principles of BCM to help examiners determine whether management adequately manages risk related to the availability of critical financial products and services. The booklet includes examination procedures, addressing:
The BCM booklet and the other booklets in the IT Handbookare available on the FFIEC website at: http://ithandbook.ffiec.gov/it-booklets.aspx.
Reserve Banks are asked to distribute this SR letter to the Federal Reserve-supervised institutions in their districts, as well as to their supervisory and examination staff. Questions regarding the revised guidance should be addressed to the staff in the Board's Systems and Operational Resiliency Policy section. In addition, questions may be sent via the Board's public website. 1
signed by
Michael S. Gibson
Director
Division of
Supervision and Regulation