Business Continuity Planning Policy Manual

In today’s environment, business leaders are increasingly aware of potential threats to their businesses. These threats may come in the form of terrorism, natural disasters, pandemics, targeted cyberattacks, and more. Regulators have likewise placed increased focus on the ability of the financial services industry as a whole to recover from disruptive events and resume business with minimal impact to the financial system. The Business Continuity Planning Policy Manual from AllRegs addresses the requirements of the Consumer Financial Protection Bureau (CFPB) and audit guidance provided by the Federal Financial Institutions Examination Council (FFIEC). Businesses of any size or structure can make use of this flexible policy which lends itself to deeper implementation as your organization grows.


This policy manual provides an overview of business continuity planning objectives and covers the following topics:

  • Business Continuity Planning Processes
  • Business Continuity Plan Overview
  • Business Description
  • Event Types
  • Plan Logistics
  • Risk Assessment
  • Business Impact Analysis
  • Business Continuity Organization
  • Event Phases Objectives
  • Test Plans and Execution
  • General Event Preparedness
  • FFIEC Tools and Resources
  • Agency and Regulatory Business Continuity Plan Requirements


The policy features the following benefits:

  • Establishes staff training requirements
  • Defines roles and responsibilities
  • Helps meet regulatory and internal compliance requirements
  • Provides guidance on determining risks and impacts
  • Explains how to analyze potential event types and the relative threats to operations
  • Offers guidance on developing a Business Continuity Plan specific to the organization
  • Includes general information for creating a test program
  • Allows policy revisions to fit your business model
  • Delivered via email within one business day

Optional Services

Maintenance: Receive regular and ongoing industry updates to keep your policy within regulatory requirements.

Publishing: Publish your manual, including your company procedures, in AllRegs Online to complete your policy manual solution.

Contact your account manager for information regarding these optional services!

Policy Manual
Business Continuity Planning
Section Title Priority Action
1.1 Goals and Objectives Mandatory Review Include the point of view or culture of your organization in this section, if applicable.
1.2 Required Review Mandatory Review Be sure this accurately reflects your company’s annual policy review process.
1.4 Roles and Responsibilities—Senior Management and Board of Director Mandatory Review Include here the specific roles and defined responsibilities of Senior Managers in your organization as related to Business Continuity planning
2.1 Internal Controls Mandatory Review Include or reference related procedures in this section.
3 Staff and Training Mandatory Review Include the means by which your organization provides and tracks required training.
4 Business Continuity Planning Processes Mandatory Review This section includes reference to a Business Continuity Coordinator and/or Team. This position is referenced throughout the Plan. You should identify in this section who (by job title) will assume this role.
6 Business Description Mandatory Review Modify this section to describe the nature of your business and your business model. You will also need to include specific information regarding all of your office locations, data center locations, emergency sites, and data backup/application failover sites.
8.2 Plan Location, Distribution and Access Mandatory Review Identify specific physical and network locations (with URLs and filenames) where the plan is stored.
9.1 Risk Scenarios Recommended Best Practice Develop and include the BCP Risk Scenario table with risk assessments specific to your organization.