Welcome » IT Booklets » Business Continuity Planning » Risk Monitoring and Testing » Principles of the Business Continuity Testing Program
Risk monitoring and testing is the final step in the cyclical business continuity planning process. Risk monitoring and testing ensures that the institution's business continuity planning process remains viable through the:
Risk monitoring and testing is necessary to ensure that the business continuity planning process remains viable through the incorporation of the BIA and risk assessment into an enterprise-wide BCP and testing program. The testing program has become a key focus of banking supervisors, in light of recent, catastrophic events, and has received heightened attention within the financial services industry because such a program can be used to validate the viability of the BCP. As such, there are various principles that should be followed by financial institutions when developing a testing program.
The following principles should be addressed in the business continuity testing program of all institutions, regardless of whether they rely on service providers or process their work internally:
A key challenge for management is to develop a testing program that provides a high degree of assurance for the continuity of critical business processes, including supporting infrastructure, systems, and applications, without compromising production environments. Therefore, a robust testing program should incorporate roles and responsibilities; a testing policy that includes testing strategies and test planning; the execution, evaluation, independent assessment, and reporting of test results; and updates to the BCP and testing program.