It’s never too late to start preparing your business on what to do in the event of a crisis, and that has never been more true for the financial services industry.


The guidelines known as Service Organization Controls (SOC) established by the American Institute of Certified Public Accountants are a collective effort to mitigate financial, operational, and compliance risks through adherence to Trust Service Principles. Financial service organizations are required to ensure availability and accessibility of their systems in addition to effective controls around the data. This ensures your ability to manage a disruption of service due to a crisis, emergency, or disaster scenario. Here are five key tips to consider to prevent a crisis.

Here are five key tips you need to consider (and may not already have in place):

1. Perform a Risk Assessment

You must perform a risk assessment periodically and this assessment must consider all threats including fire, natural disasters, and workplace violence to name a few.

2. Conduct a Business Impact Analysis

The backup and recovery strategies for your organization should be developed from a systematic review of your business requirements. This is often done through a business impact analysis (BIA) where an independent organization will examine the components of your organization and structure and help you determine the requirements to recover the business.

3. Develop a Business Continuity Plan

The resulting resiliency plans, often called business continuity plans (BCP) and disaster recovery plans (DRP), must account for the issues discovered during the risk assessment and BIA. These actionable plans develop a strategy to be implemented during a business disruption and should include team with functional plans using a workable, all-hazards strategy.

4. Test your Plans

You must test both your BCP/DRP at least annually. Tests range from tabletop drills to full-scale simulation exercises which test the effectiveness of the plan as well as the organization’s knowledge of (and ability to use) the plans.

5. Ensure Electronic Access to your Plans

Critical personnel (as identified in your plans) must have electronic access to the plans, wherever they are physically located at a given time. These plans are stored on- and off-site, to ensure accessibility in the event that traditional paper documents are damaged or destroyed.

For further help on any of these tips, e-mail us at contact us directly or give us a call at 404.662.2950. Our Services team is here to customize plans to help your business prepare for any crisis. Also, follow us on Twitter and Facebook for daily updates on industry news and events.