Technology is changing at a rapid pace. Continuity and recovery plans must keep up with these changes to remain current and relevant with today’s operations. Failing to do so puts the organization at risk during an outage. This requires continuous auditing and testing.
The Business Continuity Plan should be reviewed and approved by the board and senior management annually and revised when either of the following conditions are met:
- Changes in potential threats or risks
- Considerable changes in business operations, functions or processes,
- Considerable changes in system or network architecture,
- Audit recommendations, and/or
- Lessons learned from recovery tests, training exercises, or actual events (planned or unplanned).
Copies of the CU*Answers Business Continuity Plan are available to in-network credit unions upon request.
Recovery Plan Testing
An active recovery plan test and exercise program helps to:
- Verify completeness and accuracy of the plan.
- Identify areas within the plan that should be enhanced or updated to improve the effectiveness
- Provide training for recovery teams
- Demonstrate the ability to recover and build confidence
Regularly testing our recovery plans provides the maintenance windows needed to give our systems a tune-up through hardware and operating system upgrades and replacement without requiring application downtime. Keeping our systems running on all cylinders increases availability when we and our clients need it most.
Results from each CU*Answers’ High Availability Rollover exercise and Disaster Recovery test are published in a report and available below for download. In-network credit unions are encouraged to review each report and to include them in their board packet documentation.
CU*Answers High Availability and Disaster Recovery Test Reports
The following recovery test analysis reports are available for your review. We encourage you to include them in your next board meeting minutes. Please CONTACT if you have any questions regarding the reports or the CU*Answers recovery testing program.
CU*BASE/GOLD HA Rollover Reports
- September 2024 Report
- March 2024 Report
- September 2023 Report
- May 2023 Report
- December 2022 Report
- July 2022 Report
- February 2022 Report
- September 2021 Report
- May 2021 Report
- September 2020 Report
- March 2020 Report
- November 2019 Report
- February 2019 Report
- September 2018 Report
- May 2018 Report
- September 2017 Report
- March 2017 Report
- December 2016 Report
- October 2016 Report
- April 2016 Report
- September 2015 Report
- April 2015 Report
- September 2014 Report
- May 2014 Report
- November 2013 Report
- September 2013 Report
- June 2013 Report
- November 2012 Report
- May 2012 Report
- February 2012 Report
View our High Availability Rollover Schedule
It’s Me 247 HA Rollover Reports
- March 2024 Report
- December 2023 Report
- February 2022 Report
- September 2021 Report
- September 2020 Report
- August 2019 Report
Disaster Recovery (DR) Test Reports
- June 2021 Report
- May 2015 Report
*The May 2015 Report summarizes the final Disaster Recovery Test performed at the IBM hot-site location. The traditional (DR) strategy is no longer able to meet minimum RPO/RTO requirements. In 2016, the High-Availability (HA) Rollover Test has become the primary recovery strategy.
- May 2014 Report
- May 2013 Report
- April 2012 Report
- May 2011 Report
Item Processing Recovery Reports
- April 2024 report
- March 2023 report
- March 2022 report
- August 2019 report
- August 2018 report
- September 2017 report
- June 2016 Report
- January 2016 Report
- December 2014 Report
- November 2012 Report
- December 2011 Report
Statement Printing Recovery Reports
- October 2024 Report
- October 2023 Report
- October 2022 Report
- October 2021 Report
- October 2020 Report
- October 2019 Report
- October 2018 Report
- October 2017 Report
- October 2016 Report
- May 2015 Report
- May 2013 Report
- November 2011 Report
For the Credit Union
Creating a recovery plan without testing it provides a false sense of security. If it’s not tested regularly, you can’t be sure it will work when you need it the most. Postponing plan maintenance and recovery testing results in stale plans in the hands of untrained staff.
Methods of testing include:
- Life safety exercises
- (i.e., evacuation / shelter-in-place)
- Plan walk–through / tabletop reviews
- (i.e., review plan, conference/meeting room)
- Scenario-based tabletop exercise
- (i.e., simulation, conference/meeting room)
- Alternate site exercise
- (i.e., recovery at designated alternate site – hot site)
- Standalone exercise
- (i.e., single business unit or process)
- Full end to end functional exercise
- (i.e., recovery for functional area)
- Comprehensive exercise
- (i.e., recovery for entire organization – offline)
- Integrated exercise
- (i.e., mixed with production – online)
Planning and coordinating a testing schedule can seem overwhelming. A good place to start is with a tabletop exercise. Designed to increase awareness, Tabletop exercises inform staff of their roles and responsibilities during a simulated incident or disruptive event, and engages them in team-building activities, as they collaborate on the recovery effort.
An example of a tabletop exercise can be reviewed here. For this exercise, the CU*Answers Business Continuity Team and the Records and Information Management Team (RIM) worked together to simulate a Litigation Hold Scenario. This exercise provided an opportunity for the appropriate response team to “walk-through” the response plan and identify areas for improvement.
- Download and view the CU*Answers Litigation Hold Tabletop Exercise Report
For more information, see the Resilient Credit Union
Next Steps
CU*Answers offers professional and managed services to help you meet and exceed your recovery objectives. Contact a CU*Answers Continuity Consultant today to discover in-network solutions that best meet your business objectives.
Professional Services available include:
- Business Continuity Planning and Resilience Testing
- Information Security Risk Assessment
- Comprehensive Information Security Program (CISP)
- Staff Security Training
- IT Examination and Audit Preparation
- IT Strategy Consulting
Managed Services available include:
- Network Management and Monitoring
- Continuous Data Protection (CDP) including off-site data storage
- Virtual Branch / Virtual Office
![[The Pulse] HA Rollover Results Now Available](https://www.cuanswers.com/wp-content/uploads/The-Pulse-Disaster-Recovery-email-banner-7.21-300x121.png)
