Post Top Ad

Your Ad Spot

Blog Archive

Tuesday, October 31, 2017

Five Tips for Reviewing Firm Disaster Recovery

By Cory Roberson, Principal at FIN Compliance and FIN Lancer

The last few months provided a real test in disaster recovery measures for some firms located in communities surrounding Houston, Southern Florida, and Northern California areas.  And then, while combined with recent cybersecurity breaches, other advisors across the country experienced more risks to their practices.  SEC compliance

Step 1:  Establish a plan/template
Determine key components of the plan. 
Map office locations for testing, training, and implementing the plan.
Plan communications methods, types, and alternatives.
Prepare an operation manual that addresses emergencies.

Step 2: Establish the team
Assign one leader (and a co-leader if necessary) who understands the critical tasks, logistics, and risks of the firm. 
Delegate roles/responsibilities for the team. 
Maintain procedures in case a team member is unable to fulfill his/her obligations.  This can also be another firm/advisor if you are a sole practitioner with no staff. 
Step 3:  Critical Business Systems/Vendors
Describe essential services (e.g. trading).
Maintain a list of key vendors/business services (e.g. custodian, banks, prime brokers, IT).
Prepare supplies (e.g. emergency first aid kit, food).

Step 4:  Risk Assessment  
Identify risk areas/mitigation processes for Standard Business Disruptions (SBD’s):

Fire: “In the event of a fire, the firm may be unable to use the office and will meet at this location….”

Hurricane: “In the event of a hurricane, the firm may be unable to use all offices, phones, and other standard methods of communication.   We will mitigate this risk through……”
Data Breaches: “In the event of a cybersecurity attack, our firm will….”

Step 5:  Update and/or test with team once a year.

Review the firms business continuity documentation at least annually for making changes. 

**Note: We will develop a Preparedness checklist to help firms to better plan, test, and update disaster recovery measures.  This will be available in our compliance management software for paid users.  State or call us at: 650-305-2688.

Compliance and Business Management

FIN Compliance ( is a consortium of compliance services including: RIA Consults-Roberson Consults Group, a compliance consulting firm, RIA Review, a compliance-management software tool (SaaS), B-D Review, a RIA/Broker-Dealer compliance management software tool, and FINLancer is a business management portal featuring:  E-signature tools; Invoicing integration, Vendor Directory, continuity directory*, business client document portal, and more (available by Q3 2019).  Access all services on one site:


FIN Missions ( provides business support group sessions for other entrepreneurs.  In addition, Cory has volunteered for more than fifteen youth programs in locations such as like S. Korea, China, S. Africa, Thailand, and India.

No comments:

Post a Comment

Post Top Ad

Your Ad Spot