BCI World 2018: Regulations
With regulations such as GDPR, it is important that you understand what data you have in your organization. But you must also know how to act on it and how to classify it so that policy can be applied accordingly. To comply with the new GDPR, organizations are required to ensure they put in place robust Business Continuity/Disaster Recovery plans to support the protection of their data.
It is good practice for an organization to create a list of all known or anticipated natural and man-made threats. After identifying these, an organization should assess the risks and prioritize the threats with the highest likelihood of occurring.
To create a successful business continuity plan, testing should be thorough, both to record lessons learnt and the likely recovery time and to assess whether the plan meets the organization's requirements.
Organizations should also have backup arrangements in place based on the importance of systems and related data, and the frequency of data changes. For effective system recovery, the most recent backups should be stored offsite, in line with good practice. Regular tests of backups should be undertaken to ensure their reliability. In addition, there should be periodic tests of full system recovery.
Want to find out more about good practice and complying with regulations such as GDPR? Make sure you attend our sessions at BCI World Conference and Exhibition this November.
Tuesday 6th November:
11:00 – 11:50 am – The ripple effect of the financial service operational resilience discussion paper.
11:55 – 12:30 pm – Over-under wagers: gambles with narrow margins in the 72-hour RTO of the GDPR.
To find out more about the insightful sessions we have in store for you this year, please click here.
About the author
Content Manager at the BCI