How to Incorporate BCM Into Your ERM Program

As the world has adjusted to living with a Pandemic, community financial institutions must continue being resilient and mold their operations to the changing regulations and environment. The Pandemic triggered all the risk categories and it brought to light how interrelated all risks are.

In this basic course, you will learn how to switch perspectives from having a Business Continuity Plan to an ongoing Business Continuity Management (BCM) system and how to integrate it into your Enterprise Risk Management (ERM) Program. Marci Malzahn will take you through the key elements of the FFIEC’s Business Continuity Management Booklet that is part of the FFIEC’s IT Examination Handbook. You will walk away with a deeper understanding of ERM, BCP, and BCM and with some practical tools to increase your resiliency.

Part I: Pandemics and ERM

  • The ERM Puzzle
  • Where does the Pandemic Plan Belong?
  • When do you activate the Pandemic Plan?
  • Types of Adverse Events
  • Types of Risk Categories
  • Pandemics and ERM – Interrelated Risks
  • COVID-19 Risk Assessment

Part II: Business Continuity Management

  • Business Continuity Management (BCM) and Business Continuity Plan (BCP)
  • The BCM Cycle, Governance and Responsibilities of Leadership and Board
  • BCM Audit and BCM Elements relative to ERM
  • What does “Resilience of Operations” mean and how do you become resilient?
  • Business Continuity Strategies

Part III: Life with COVID-19 – Resiliency

  • Vendor Management: The role of Third-Party Service Providers
  • Business Continuity Plan: Definition, Elements, and Components
  • BCP and Incident Response, Disaster Recovery, Crisis Management, and Training
  • The importance of testing and what to do with the results
  • Pandemic Planning
  • Pandemic End-of-Crisis Risk Assessment: One risk category at a time

Covered Topics

  • The difference and relationship between the BCP and the BCM
  • The BCM Cycle
  • The BCM Governance and Responsibilities of Senior Management and Board
  • How BCM fits in within the ERM umbrella
  • What does “Resilience of Operations” mean and how do you become resilient?
  • Business Continuity Strategies
  • The role of Third-Party Service Providers (Vendor Management)
  • Incidence Response for the various types of incidents
  • The importance of testing and what to do with the results
  • What to expect from an examination

Who Should Attend?

Enterprise Risk Management leader and ERM team, IT personnel, IT Director, IT leaders or those who have IT reporting to them, senior leadership involved in BCM or who want to learn how BCM and ERM are integrated.