Jump to main content

Disaster Recovery FAQ

What should my disaster recovery plan include?

Your credit union’s disaster recovery plan should include a series of anticipated or unplanned disasters and scenarios from which you would need to recover. It should address guidelines that you have in place to operate in a safe, compliant nature when not all your systems are functional.

Key components of disaster recovery include:

  1. Critical business processes and activities that need to be maintained when IT systems and/or applications are unavailable. This process should also include a list of software and systems that admins would need to use in the recovery of those applications.
  2. The priority level of each system recovery and restoration, also reflected in the Business Impact Analysis (BIA). Any systems that have dependents, such as electricity or your credit union’s core service provider, should take precedence to non-critical systems.
  3. Coordinated strategy for recovering data centers, networks, servers, storage, service monitoring, user support, and related software. This would address the steps necessary to getting each of these components functioning once again, as well as the individual at your credit union assigned to aid the process and their contact information.
  4. If your credit union is not operating in the cloud, allowing you the ability to work remotely, you may also want to include a diagram of the entire network and recovery site, as well as directions/instructions for reaching that location.

Per FFIEC, your disaster recovery plan should also address:

  1. Security controls and protocols for the implementation and operation of recovery systems
  2. Procedures for restoring backlogged activity or lost transactions, identifying how transaction records will be brought current within expected recovery time frames
  3. Instructions to access critical information repositories and other resources when the primary facility is unavailable

Your disaster recovery plan should be a living document that is reviewed and updated on an annual or semi-annual basis. The plan should be reviewed and tested on occasion to ensure its accuracy and proficiency if a recovery is required. Additionally, if there are any changes made in your business, such as key personnel staffing changes that could directly affect disaster recovery, adaptions to the plan must be made and additional training should be provided.

Which disasters should my credit union plan for?

Your disaster recovery plan should address a wide range of events that would cause harm to your business. You should consider disasters that would cause physical harm to your physical operations, a significant decrease in your workforce, technology failures, infrastructure failures, potential reputational damage, and other harmful scenarios that would significantly hurt your day to day business. If technology is on-premise versus cloud-based there are different considerations. Some potential scenarios include: a natural disaster (tornado, fire, earthquake, hurricane, snow storm); cyber-attacks (malware and ransomware, phishing and spear phishing attempts, Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks, DNS hijacking and spoofing, or network/server hacking); epidemics and pandemics; hardware and software failures; or disgruntle employee damages.

Which systems are deemed critical versus non-critical in disaster recovery plans?

If it helps you to better understand impact, your credit union may develop tiers for your disaster recovery efforts, like those used for natural disasters, such as the Richter or Fujita scales. Examples of tiers you could use are as follows:

Tier 1: Non-Critical/Low Impact – Systems that improve the effectiveness or efficiency but are not required for normal business functionality.

Tier 2: Medium/Moderate Impact – Systems which are important to daily business operations. Loss or failure of these systems would have a modest impact on your credit union if not functioning in the next 2-3 business days.

Tier 3: High/Major Impact – Systems that are crucial to your daily business operations. Loss or failure of these systems would have a significant impact on your credit union if not functioning in the next 24 hours.

Tier 4: Critical Impact – Systems that are critical to your daily business operations. Loss or failure of these systems would have an extreme impact on your credit union if not functioning in the next 2-4 hours.

Tier 5: Core Infrastructure – Systems that your credit union would not be able to operate without. They often have other systems that are dependent on them working in order to function. Immediate recovery is necessary in order to prevent substantial damage or interruption.

Per FFIEC, when categorizing your systems, your team should exercise caution towards what you deem critical and non-critical. For example, online banking may not seem critical to your operation functioning normally; however, this system plays a critical role in delivering services to members during a disruption. Your credit union should also consider any marketing processes/procedures in place. If your main form of communication to members is via email, and a disaster prevents you from accessing the Internet, how would your credit union adapt?

It is also essential to know which systems are dependent on one another. By creating a Gantt chart, used for recovering, you will know approximately how long it will take your credit union to normalize again. Gantt charts update in real time, dynamically so that additional systems dependent on the core processor will note changes and recovery times if a delay occurs.