Business Continuity Planning – Risk Assessment

The first step in building a comprehensive Business Continuity Program is to conduct a Business Impact Analysis or BIA. The Second Step in the process is to conduct a Risk Assessment.Credit Union Risk Assessment

The primary goals of a Credit Union Risk Assessment are:

  • Evaluate BIA assumptions using various threat scenarios
  • Analyze threats based on likelihood and potential impact to institution, members and financial market
  • Prioritize potential business disruptions based on severity which is determined by impact on operations and probability of occurrence
  • Perform “gap analysis” that compares existing BCP to policies and procedures to be implemented based on prioritized disruptions and resulting impact

A Credit Union Risk Assessment should meet the following criteria:

  • Be Based on comprehensive BIA
  • Be Documented
  • Reviewed and approved by Board and Senior Management annually
  • Disseminated to employees
  • Properly managed when outsourced to 3rd party

A Risk Assessment should address these specific items:

  • Provide specifics regarding what conditions should prompt implementation of the plan and the process for invoking
  • Immediate steps that should be taken during a disruption
  • Flexible for unanticipated scenarios and changing internal conditions
  • Focused on impact of various threats that could potentially disrupt operations
  • Developed based on valid assumptions and interdependencies

Risk Assessment

Once you have finished the BIA and now the Risk Assessment you should be in a good spot to start building individual plans for each department and putting in the content/resources you will need to create the actual Business Continuity Plan. Are you trying to determine the best way to store and organize a Business Continuity Plan Online? Do you worry about how to get your employees or co-workers engaged in the BCP process? If you have these or other questions please provide us a little information.