Laserfiche WebLink
a <br />r <br />z <br />u <br />w <br />0 <br />u <br />w <br />�Y <br />o_ <br />v <br />H <br />�n <br />Business Resiliency Planning <br />Recovering from or even avoiding a service disruption, whether a component failure or a full - <br />scale disaster, depends on a comprehensive and effective contingency and business resiliency <br />planning process combined with experienced people to execute the plan. J.P. Morgan's <br />business resiliency plans address all parts of the business - including employees, facilities, <br />systems, telecommunications, and third parties. Our business resiliency plans are living <br />documents that are updated on an ongoing basis to incorporate lessons learned and tested <br />regularly to validate the effectiveness and completeness of the plans. <br />Business Resiliency plans, recovery time objectives, test dates and results are classified as <br />"company confidential" and cannot be disclosed or shared with external entities. For <br />informational purposes, this document provides an overview of the Business Resiliency <br />planning, testing and implementation approach in place for J.P. Morgan's Corporate & <br />Investment Bank line of business. <br />J.P. Morgan uses an integrated Business Resiliency strategy that addresses both the technology <br />recovery (IT Resiliency) and business continuity planning (Business Resiliency) required to <br />resume operations from a disruption and provide for continuing operations over the course of <br />a business interruption. <br />J.P. Morgan's Firm -wide Business Resiliency Program is designed to comply with all applicable <br />guidelines from the U.S. Office of the Comptroller of the Currency (OCC), the U.S. Federal <br />Financial Institutions Examination Council (FFIEC) and the Interagency White Paper on Sound <br />Practices to Strengthen the Resilience of the U. S. Financial System. Additionally, there are <br />approximately 100 guidelines worldwide for resiliency. As there is no universally accepted <br />global resiliency regulation, the Firm views the guidelines as requirements to create Firm - <br />wide standards as opposed to adopting a single regulation or standard as the Firm standard. <br />Our corporate policies and line of business guidelines are documented to account for the <br />various global regulations. The Firm's Corporate B Investment Bank line of business business <br />resiliency plans are subject to audits by various regulatory agencies, including the U.S. Federal <br />Reserve, the U.S. OCC, the U.K. Prudential Regulatory Authority and the Financial Conduct <br />Authority, Asia - Pacific monetary authorities and others. <br />Recovery strategies and plans are documented to account for both the typical planning <br />scenario and the worst -case scenario, involving loss of life and widespread geographic <br />interruption. The corporate planning standard requires that the recovery strategies are <br />sustainable for 30 days. <br />J.P. Morgan's Global Business Resiliency group is responsible for leading the Firm -wide <br />Business Resiliency Program. This Program includes corporate governance, awareness and <br />training as well as strategic and tactical initiatives to ensure that risks are identified, <br />assessed, and managed through a cycle of risk assessment, planning, testing and reporting. <br />Program governance utilizes a hierarchy of oversight committees to ensure visibility of the <br />Firm's resiliency capabilities and requirements. The Business Resiliency Program and related <br />governance structure is ultimately accountable to the Board of Directors of J.P. Morgan and <br />reports into the Board of Directors through its Audit, Operating and Management Committees. <br />The Firm's Corporate It Investment Bank line of business maintains both a dedicated staff <br />responsible for providing Business Resiliency services to all of its sub - business units and a <br />JT organ <br />55E -279 <br />