Laserfiche WebLink
cowr|n ENT |^L <br />Business Resiliency P|aDDiO@ <br />Recovering from ur even avoiding a service disruption, whether a component fnibreorz full- <br />scale disaat*r'depeods^aacvnnprrhenshpandet[ecUvecoutingencyandbu»inr#,wuov*ry <br />planning process combined with experienced people to execute the plan. J,P. Morgan's <br />business/edUencyptxnsmddresso8ya/tso(\hebm^iocoinc(odingemp\oycc:,fadKries, <br />sy*\,n^*,te(ecommunicadnnsandchentz.OurbuoinessresiUeocypinnxaroUvingdoc000eois <br />that are updated on an ongoing basis to incorporate lessons learned and tested regularly to <br />validate the effectiveness and completeness nf the plans. <br />Business Resiliency plans are c(assified as "company confidential" and cannot be disclosed or <br />shared with external entities. For informational purposes, this document provides an <br />overview of the Business Resiliency planning, testing and implementation approach in place <br />for ],P.mnrgan's Treasury EtSecurities Services tine ofbusiness. <br />J. P0\o/ganvsesanintegratedBusinessKcsi|iencystrategy1hat addresses both the disaster <br />recovery and business continuity planning required to resume operations from a disruption and <br />provide for continuing operations over the course of a business interruption tasting up to 30 <br />days, <br />J,P, Morgan's firm-wide Business Resiliency program complies with all applicable guidelines <br />from The U.S, Office of the Comptroller of the Currency (OCC), the U.S. Federal Financial <br />Institutions Examination Council (FF|EC) and the interagency White Paper on Sound Practices <br />to Strengthen the Resilience of the U. S. Financial System. There are approximately 100 <br />guidelines worldwide for resiliency and our Corporate policies and LOB guidelines were <br />documented to account for the various global regulations and are subject to country audits. <br />Recovery strategies and piuns are documented to account for the worst-case scenario, <br />involving loss o( life and widespread geographic interruption, <br />The firm's Treasury 8: Securities Services line of business maintains a dedicated staff <br />responsible for providing Business Resiliency services to at[ business units. The BR <br />professionals provide governance, oversight and compliance functions for business and <br />technology subject matter experts, The team is responsible for ensuring that corporate, <br />regulatory and country- specific requirements are met. <br />Disaster recovery strategies and plans (also known as information technology recovery plans) <br />address the recovery "f critical systems and applications from un interruption t*normal <br />processing cycles. A full range of technical solutions are used, with the specific technologies <br />appiied to each apptication/f unction depending on the criticality and recovery time objective <br />of the specific application. Mainframe data centers use real-time disk mirroring and <br />redundant hardware. Server-based applications can also use disk mirroring, clustering, <br />geographically dispersed systems, and o/bite tape backups, depending un the criticality and <br />recovery window o[ the ^pp|icnbnn(s). <br />Documented business continuity strategies and plans address the recovery uf functions and/or <br />people to one or more viable alternate recovery sites. When similar processes utilizing like <br />systems are performed atmultiple locations, the use ofa sister site o. distributed operating <br />model 1s generally the preferred recovery approach. A sister site is defined asa facility that <br />performs like processes, using sirnaiar systems and equipment, and where local management <br />possesses expertise on the processes to be recovered at that location. In situations where <br />only workspace or access to remote applications is required, other J.P. Morgan locations <br />outside the production site zone are the preferred approach. <br />JYM0ro*an <br />��� �� <br />�����m� <br />