Business Continuity and Disaster Recovery Strategy for a financial istitution
Our client is a major participant in the financial services industry, with a share capital of 10 million euros and 80 million euros in loans to 2000 consumers in 2021. Its customers are mostly small to medium-sized businesses (200 workers and/or more than 100.000€ in sales).
In order to operate in the national banking market, a specific license provided by the national Authority (BankIT) was required and this could only be obtained if the bank evidenced the mandated Business Continuity requirements.
The client needed to address the main Business Continuity areas by defining the internal regulations and tools to be shared to the National Authority in order to obtain approval.
The client needed to focus on the ICT environment as deployed within Microsoft Azure.
The client also needed to take into account the working characteristics of its employees, which included smartworking in a fully integrated manner. Born as a FinTech start-up with a strong affiliation with Artificial Intelligence, our client's
The entire ICT Architecture was already deployed in a cloud environment (IaaS).
Company Processes and Procedures were not yet formalised. CyberSec team had to determine, collate and provide to the national regulator, in order to obtain the Banking License, all the required internal regulations and methodologies
In depth knowledge of the area of operation within the sectors and industries of the small to medium sized companies, BIP CyberSec “smart team”, with resources that can provide strong synergy between Business Continuity topics and technical areas (in particular, Cloud environment competencies), analysed the Business Processes by criticality, priority and impact to the Business Continuity and the ICT environment within the company operations. Thanks to the highly skilled and extensive competencies within Business Continuity topics, supported by comprehension of new working habits as dictated by the COVID-19 event, BIP CyberSec team was able to:
- Formalise the Business Continuity Policy to describe the company’s resilience strategy
- Define the methodology to perform the Business Impact Analysis in reference to the bank’s context
- Perform the Business Impact Analysis on the main Business Processes
- Generate and analysed different Business Continuity Scenarios of relevant and impact to the organization’s operational resilience.
- Formalise and define of the Business Continuity Plan and Disaster Recovery Plan
- Enable dissemination and approval of relevant documentation to the Board of Directors and National Authority (BankIT)
After the understanding of the environment and its peculiarity, BIP CyberSec enabled the client to obtain its banking license by the National Authority (BankIT).
Defined a sustainable Disaster Recovery Plan, that matched the growth aspirations of this company (from FinTech to Commercial Bank).
Business Processes Analysis
Business Processes Analysis
Business Continuity Policy
Disaster Recovery Plan