Business Continuity Management

Business Continuity Management (BCM) framework and its related processes and procedures are in place to prepare Bursa Malaysia to rapidly recover and resume critical operations following an operational service disruption. The Framework is designed in adherence to CPMI IOSCO Principles for Financial Market Infrastructure guideline, i.e. principle 17 Operational Risk. 

Key components of BCM include identification of key critical business/operations functions, technology requirements, external suppliers, response procedures, communication tasks and recovery time objectives. Additionally, technology disaster recovery plan is in place for all critical systems. There is also incident management and emergency response procedures in place for the organisation. The Disaster Recovery Management Team led by senior management, is supported by representatives from core business units and support services.  

In the event of disruption at the primary site, the back-up site has adequate infrastructure and facilities to support on-going operation of critical functions of the exchange, clearing house and depository. Targeted recovery times objectives for key systems range between 2 to 4 hours. The failure of the critical system components is mitigated with clustering and redundant systems/infrastructure facilities at BM’s main site, hence minimizing the needs to failover to BM’s Disaster Recovery (DR) site/systems. The systems at BM’s DR site are capable of running all functionalities that are currently available at main site.  BM has a comprehensive Business Continuity Plan (BCP). The BCP is tested annually with the participation of all relevant stakeholders including the market participants.  

REPORTING

Risk & Compliance Division makes regular assessments of each risk and reports to the Management Committee, Management Risk and Audit Committee, Risk Management Committee and the Board on periodic basis.