Samples Business Continuity Plan (BCP) Templates for Project Management Office (PMO)

Disaster Recovery:
Application/Critical System Recovery (Indicate high level strategies to recover critical applications or systems that are impacted by event)

Business Continuity:
- Application/Critical System Unavailable (Indicate strategies to perform essential functions to customers when key business applications and systems are not available)

Top 6 ATM (Automatic Teller Machine) Personalization Strategy

1. Customization:
Through transaction personalization options, customers can preset their preferences for the types of transactions they want to perform and the information they want to receive, which leads to feelings of personalized relationships and loyalty

2. Brand reinforcement:
ATM screen graphics and messaging can be made consistent with the financial institution’s other marketing channels, reinforcing messages with each ATM transaction

3. Cross-sell opportunities:
One-to-one targeted messaging via an ATM can result in higher response rates than from other marketing channels. Additionally, financial institutions have the opportunity to cross-sell to non-customers who use the financial institution’s ATMs

1. A business transaction requires the execution of multiple operations.

2. Transaction volume and database size adds complexity and undermines efficiency.

3. To scale up a system for high performance, transactions must execute concurrently.

4. Each transaction should either return an acknowledgment that it executed or return a negative acknowledgment that it did not execute.

5. The system should be incrementally scalable.

During SDLC process what are the key security controls that you need to aware? below the list:

1. Risk Assessment
Risk assessment will be specific and detailed, since the project participants will have actual specifications for the hardware and software that will be used to implement the system.

2. Functional Requirements Analysis
Ensure that project participants review the system ’ s functional requirements to help determine the security requirements necessary for successful implementation.

3. Assurance Requirements Analysis
Determine what development work and assurance evidence are necessary to establish confidence that the security will work correctly and effectively.

The PCI DSS (Payment Card Industry - Data Security Standard) cardholder data environment has an aggregated risk based on the subrisk categories of reputation, financial, compliance, and operational.

Reputation Risk
- Risk of PCI DSS non-compliance on your institution’s brand?

Financial Risk
- Risk of the fines from specific credit card issuers (i.e., Visa, MasterCard, and American Express)
- Litigation costs associated with security breach
- Merchant banks will receive fines as a result of a security breach.

Compliance Risk
- Risk of non compliance with PCI DSS
- The fines from specific credit card issuers (i.e., Visa, MasterCard, and American Express)