Business Continuity and Disaster Recovery Plans

By Jeff Wilk and Tim Buckler

Disaster Recovery Plans - ants on green leaves

Review Your Business Resiliency Strategy

While today’s businesses need to be ready to handle any sized disaster 100% of the time, it may only take one event to completely disrupt your business, or worse. Not even the most well-managed organization is exempt from the potential risks associated with even the smallest degree of business interruption. Undertaking a thorough review of your current business resiliency strategy is a must.

A comprehensive, strategic plan includes three components:

  1. Business Continuity Plan
  2. Disaster Recovery Plan
  3. Incidence Response Plan

While these terms are often used interchangeably and focus on the basic needs of keeping a business running in the case of a business disruption, they are not the same. Each one of these is different in its definition and development, has different situations which activates them, and focuses on unique aspects of action.

Software Demo Watch the on-demand demo of Oyster Solutions to learn how the comprehensive platform can help manage your compliance, supervision, and reporting obligations.  

Business Continuity – Significant business disruptions that prevent employees from coming to the office or prevent them performing their duties. For example, a fire destroys an office building.

Disaster Recovery – Disasters that cause network infrastructure or data to become corrupted or unavailable. For example, a power surge knocks out a server.

Incidence Response – Network or security incidents that can result in unauthorized access, data compromise or data egress. For example, a phishing attack.

We often see clients with business continuity or disaster recovery plans that have only the most basic of components, and that are not customized to meet their specific needs. Oyster Consulting has extensive experience working with firms on their business resiliency. Our experts will collaborate with your team to establish the right overall plans customized to your business and provide guidance on how to activate that plan at the right time. Together, these can make all the difference with your firm’s ability to recover from a disruptive event at anytime, anywhere. 

Our process can take you through exercises including, but not limited to:

  • Current risk identification
  • Business impact analysis
  • 3rd party exposure
  • Key position and function identification
  • Geographic footprint considerations
  • Work from home policies and connectivity requirements
  • Adherence to regulatory mandates
  • Data protections
  • Recovery site, recovery time and recovery point identification
  • Response scripts, mock event testing and tabletop exercises
  • Internal and external communication template creation
  • Employee education

Oyster’s industry professionals have first-hand experience as firm leaders in business resilience strategy, development, and implementation. This includes incident/event management, technology infrastructure resilience and recovery, and operations management. Oyster understands how to help identify and prioritize critical activities and deliver testing plans to mitigate the impacts of business disruptions. Our solutions are practical and tailored to your firm’s business model.

About The Authors
Photo of Jeff Wilk

Jeffrey Wilk

Jeff Wilk started his career as an Advisor and has a strong track record of executive success in strategic planning and execution, business assessment, transformation and growth. Jeff was directly accountable for several mergers/acquisitions, product and digital platform transformations, patent-pending products, and operating model RFPs and overhauls, including delivering the industry’s first “Robo” platform.

More About Jeffrey

Photo of Tim Buckler

Tim Buckler

Tim Buckler has spent 10 years in the financial services industry, with a focus on project management, cybersecurity, data analysis, and compliance. Tim’s experience includes project management support for clearing platform conversions, cybersecurity assessments, GDPR and CCPA assessments, performing 12b-1 Mutual Fund fees analysis for regulatory initiatives, and ownership changes for custodial IRA held annuities.

More About Tim

Related Content

Compass representing the direction registered reps need for compliance

Blog

Registered Representative Compliance – Must Know Essentials

You’ve decided to enter the exciting world of wealth management and want to work at a broker-dealer as a Registered Representative. Now what? Qualifications Overview To be a Registered Representative (Registered Rep), you must be registered with an SEC registered broker-dealer, pass a qualifying exam, and be licensed by your state securities regulator. The firm will […]

Learn More
star nebula representing AI in wealth management part 2

Podcast

AI in Wealth Management Podcast Series Part 2

AI’s Role in Transforming Wealth Management Artificial intelligence is increasingly integral to the wealth management sector’s shift towards data-driven, personalized, and secure services. However, as firms embrace AI technology, they also face escalating regulatory demands and risk management hurdles. In Part 1 of our Oyster Stew podcast series on AI and Wealth Management, we shared […]

Learn More
Alert birds on wire representing SEC T+1 Alert

Blog

SEC Issues T+1 Risk Alert

T+1 Risk Alert Highlights Examination Focus The U.S. financial market’s move to a T+1 settlement cycle has taken tremendous resources from industry participants including buy-side and sell-side participants, custodians, and clearing agencies. Not to be left out, regulatory authorities have finalized rule changes governing settlement activities to enforce the T+1 settlement cycle. The SEC Division […]

Learn More
Get In Touch Scroll Up