Data intrusion, Ponzi schemes, weather events, health pandemicemergences, branch robberies, terror threats and attacks,earthquakes, tsunami tidal waves, cyber attacks, “Occupy” eventsand other events pose risk to assets, people and reputation.
|These events and others fall within the description of “criticalincidents.” As mandated by government regulations and best businesspractices credit unions have implemented extensive and robustbusiness continuity and business contingency plans. These planscoupled with post-event recovery practices have helped financialinstitutions retool in many circumstances.
|However, a business gap exists in this traditional businessapproach. In between BCP and recovery is the process of criticalincident management.
|This article provides a high-level introduction to the subjectincluding critical incident management roles and tasks for creditunions.
|Critical Incident Definition and Impact on CreditUnions
|A critical incident is any event or series of events that hascaused, or could lead to one or more of the following:
- People being harmed, injured or killed
- Disruption of business
- Disruption to customer service
- Financial losses
- Reputational damage to the financial institution
- Compliance compromise
All credit unions regardless of size, location, productofferings and security measures are vulnerable to humanexploitation and natural disasters. These threats result incritical incidents. The incidents can originate from:
- Natural disasters
- Disgruntled or troubled employees, former employees orcustomers
- Individuals or groups engaged in criminal activity and/ortechnology intrusion
- Gangs, drug dealers, organizations or cartels, ethnic organizedcrime groups, terrorists or terrorist groups
Typically, credit union leaders do not possess expertise inemergency critical incident management to respond competently toincidents. These leaders should not be expected to be criticalincident management experts.
|What is needed is a system to have information, procedures,guidelines and practices in place to enable leaders to manage acritical incident. The operational goal(s) of credit unionscritical incident management leaders is to:
- Restore normal operations as quickly as possible
- Minimize impact on business operations
- Ensure best possible level of service quality and availabilityis maintained
- Contain incident – enhance safety and prevent loss
- Minimize chaos and disruption
- Maximize communications, continuity and organization
The organizational challenge with any type of incident responselies in the ability to utilize existing human capital andtechnology tools. Unfortunately in times of a crisis, credit unionemployees have had to rely on information contained in a five-inchresponse manual notebook sitting on the shelf covered withdust.
|Alternatively the credit union should have user-friendly toolsincluding guides, checklists and procedures that are integratedwith easily accessed technology software. These tools should beavailable to all employees' enterprise wide. The software utilityshould include functionality to:
- Organize CU response quickly and consistently
- Communicate effectively between levels of response andmanagement
- Locate and communicate with resources, internal and external,on a 24/7 basis
- Maintain business continuity and manage the impact of theincident on the organization at the highest level while othersunify their scene response to resolve the incident
- Demonstrate “day-to-day” compliance with regulatorymandates
During a critical incident there are four levels of response andmanagement. In most credit unions personnel participate in all fourlevels. The levels include:
- Initial response by employees
- Incident scene management using command post concept
- Administrative level management using an emergency operationscenter
- Executive policy group
An Opportunity for Thought Leadership
|Most credit unions have installed and deployed businesscontinuity planning and software and have detailed businessrecovery steps. In comparison, critical incident managementprograms and software have not been integrated. Critical incidentmanagement is needed to fill the operational gap to elevateorganizational effectiveness and mitigate threat risk.
|RobertA.Goldfinger is president of Lormel Goldfinger Global Group LLCand subject matter consultant for BowMac Software.
Complete your profile to continue reading and get FREE access to CUTimes.com, part of your ALM digital membership.
Your access to unlimited CUTimes.com content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Critical CUTimes.com information including comprehensive product and service provider listings via the Marketplace Directory, CU Careers, resources from industry leaders, webcasts, and breaking news, analysis and more with our informative Newsletters.
- Exclusive discounts on ALM and CU Times events.
- Access to other award-winning ALM websites including Law.com and GlobeSt.com.
Already have an account? Sign In
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
