Laserfiche WebLink
CONFIDENTIAL <br />Business Resiliency Planning <br />Recovering from or even avoiding a service disruption, whether a component failure or a full - <br />scale disaster, depends on a comprehensive and effective contingency and business recovery <br />planning process combined with experienced people to execute the plan. J.P. Morgan's <br />business resiliency plans address all parts of the business - including employees, facilities, <br />systems, telecommunications and clients. Our business resiliency plans are living documents <br />that are updated on an ongoing basis to incorporate lessons learned and tested regularly to <br />validate the effectiveness and completeness of the plans. <br />Business Resiliency plans are classified as "company confidential" and cannot be disclosed or <br />shared with external entities. For informational purposes, this document provides an <br />overview of the Business Resiliency planning, testing and implementation approach in place <br />for J.P. Morgan's Treasury Et Securities Services line of business. <br />J.P. Morgan uses an integrated Business Resiliency strategy that addresses both the disaster <br />recovery and business continuity planning required to resume operations from a disruption and <br />provide for continuing operations over the course of a business interruption lasting up to 30 <br />days. <br />J.P. Morgan's firm -wide Business Resiliency program complies with all applicable guidelines <br />from The U.S. Office of the Comptroller of the Currency (OCC), the U.S. Federal Financial <br />Institutions Examination Council (FFIEC) and the Interagency White Paper on Sound Practices <br />to Strengthen the Resilience of the U. S. Financial System. There are approximately 100 <br />guidelines worldwide for resiliency and our Corporate policies and LOB guidelines were <br />documented to account for the various global regulations and are subject to country audits. <br />Recovery strategies and plans are documented to account for the worst -case scenario, <br />involving loss of life and widespread geographic interruption. <br />The firm's Treasury Et Securities Services line of business maintains a dedicated staff <br />responsible for providing Business Resiliency services to all business units, The BR <br />professionals provide governance, oversight and compliance functions for business and <br />technology subject matter experts. The team is responsible for ensuring that corporate, <br />regulatory and country- specific requirements are met. <br />Disaster recovery strategies and plans (also known as information technology recovery plans) <br />address the recovery of critical systems and applications from an interruption to normal <br />processing cycles. A full range of technical solutions are used, with the specific technologies <br />applied to each application /function depending on the criticality and recovery time objective <br />of the specific application. Mainframe data centers use real -time disk mirroring and <br />redundant hardware. Server -based applications can also use disk mirroring, clustering, <br />geographically dispersed systems, and offsite tape backups, depending on the criticality and <br />recovery window of the application(s). <br />Documented business continuity strategies and plans address the recovery of functions and /or <br />people to one or more viable alternate recovery sites. When similar processes utilizing like <br />systems are performed at multiple locations, the use of a sister site or distributed operating <br />model is generally the preferred recovery approach. A sister site is defined as a facility that <br />performs like processes, using similar systems and equipment, and where local management <br />possesses expertise on the processes to be recovered at that location. In situations where <br />only workspace or access to remote applications is required, other J. P. Morgan locations <br />outside the production site zone are the preferred approach. <br />JTMor�an <br />