Achieving operational resilience requires integrating various risk management functions into a cohesive framework.
This section outlines the interaction of operational resilience with critical processes such as operational risk management, business continuity management, cybersecurity, outsourcing, and recovery planning.
This resilience strengthens the BSFI's viability and reinforces the financial system's stability.
Acknowledging that disruptions will occur, BSFIs must conduct forward-looking assessments, carefully plan responses, and integrate operational resilience into their risk management frameworks.
It is not a stand-alone goal but part of a broader governance structure that includes operational risk management, business continuity, cybersecurity, outsourcing, and recovery planning.
While operational risk management deals with reducing the risk of losses due to failed internal processes, systems, or external events, operational resilience focuses on the ability to maintain critical operations despite such failures.
Operational resilience aims to minimise the impact of disruptions on customers, market integrity, and the financial system rather than merely preventing loss. This broader focus ensures that critical services remain available even during adverse events.
Operational resilience, however, extends this focus by ensuring the end-to-end delivery of critical services across a broader range of potential disruptions.
While BCM may be triggered during a crisis, operational resilience covers a broader spectrum of capabilities, including crisis management, to ensure the delivery of critical operations through varying scenarios.
Integrating cyber resilience with operational resilience involves identifying critical operations, setting tolerances for disruption, and aligning cybersecurity priorities with the broader resilience framework.
This holistic approach ensures that BSFIs can withstand cyber threats while maintaining critical functions.
BSFIs must ensure that their third-party service providers have the same operational resilience level as the institution.
This includes maintaining resilience during both routine operations and potential disruptions. Adequate oversight and controls are essential to ensure third-party partners meet these standards.
The recovery plan is another critical component of operational resilience. It enables BSFIs to take pre-emptive measures to avoid breaching regulatory requirements and maintain financial resilience.
BSFIs should align their recovery plans with the operational resilience framework, mainly the critical functions and services identified.
This ensures that recovery from non-financial risks is fully integrated into the BSFI’s overall approach to maintaining critical operations during disruptions.
The BSP’s operational resilience framework encompasses a wide-ranging, integrated approach beyond isolated risk management strategies.
BSFIs are expected to embed resilience into their governance structures, ensuring they can continue providing critical operations during disruptions. This will support the stability of the financial system and the broader economy.
BSP Operational Resilience Guidelines |
|
|
||||
More Information About Blended Learning OR-5000 [OR-5] or OR-300 [OR-3]
To learn more about the course and schedule, click the buttons below for the OR-3 Blended Learning OR-300 Operational Resilience Implementer course and the OR-5 Blended Learning OR-5000 Operational Resilience Expert Implementer course.
|
|
||
|
|