header

Business Continuity


A Business Continuity Management System “BCMS" has been established, within the framework of Business Continuity Management Policy according to ISO international standard 22301, to decide the CBE's critical activities provided to domestic banks, the government, and economic institutions to maintain liquidity in the banking sector, the RTGS, SWIFT payments, international reserves management, open market operations and any related activities. As such, the Department categorises and analyses incidents that can impact the CBE in case any of these activities is interrupted, and then take the necessary steps to mitigate any disruption risk to be able to effectively and efficiently respond in case any incident materialised.

The Department framework comprises:

  1. Implementing the Business Impact Analysis (BIA) on a bank wide basis to highlight the critical activities and their qualitative & quantitative impacts after disruption according to the expected scenarios in cooperation with concerned sectors and departments.
  2. Developing recovery strategies according to the expected disruption scenarios and potential threats, to resume CBE's critical activities during emergency by predefined resources and within an acceptable time frame.
  3. Developing business continuity plans that are used as a response to expected incidents and their consequences. These plans enable business resumption and recovery of critical activities with minimum resources, whether human or financial within acceptable time frame (RTO).
  4. Setting up and preparing the Disaster Recovery (DR) and Business Continuity (BC) sites and connecting them to the main data center /disaster recovery site, to ensure that the CBE can perform its role during emergency. Those sites are periodically tested for all expected disruption scenarios.
  5. The CBE “Crisis & Business Continuity Steering Committee" carrying the following roles and responsibilities:
    • Preparing for crisis/ emergency response.
    • ​​​​​Incident response and declaring crisis/emergency.
    • Recovery and fail back to business as usual.

  6. Conducting periodical awareness sessions/meetings on CBE Business Continuity Policy, and best international practices followed by the CBE for all employees to ensure that they know their roles and responsibilities during exercises/tests and/or during crisis/emergency.​​​​​​​​​​