NCUA OIG recommends failover test of IT network, better communication on operations continuity, security matters

Four recommendations aimed at strengthening the federal credit union regulator’s Continuity of Operations Program (COOP) are laid out in an inspector general report following an audit of all COOP program activities from Jan. 1, 2018, through Dec. 31, 2021.

The report by the National Credit Union Administration (NCUA) Office of Inspector General (OIG) found generally that the COOP program was operating in accordance with applicable laws, regulations, policies, and procedures and that it was ready and able to execute should the need arise – the two areas of focus of the review. However, it said the audit also identified areas needing improvement.

“Specifically, we determined the NCUA should perform a full failover test of its IT network to ensure management is made aware of any potential weaknesses and correct them, as necessary,” the report states. “We also determined that the Office of Continuity and Security Management (OCSM) and the Office of the Chief Information Officer (OCIO) need to improve communication with each other regarding COOP and security matters.”

(A failover test, according to a footnote in the report, would test the IT network’s capability to switch over automatically to a redundant or standby system “upon the failure or abnormal termination of the previously active system.”)

The OIG’s specific recommendations were that NCUA management:

  • perform a business impact analysis to define the IT network as essential and determine timelines for restoration to be used as a measurement for a full failover test of the NCUA IT network;
  • ensure the Chief Information Officer plans, conducts, and reports on a full failover test of the NCUA’s IT network to identify and correct any weaknesses;
  • ensure the results of the failover test are communicated in writing to the NCUA Board, the Office of the Executive Director, and the Director, Office of Continuity and Security Management, to ensure the agency’s Continuity of Operations program and disaster recovery capabilities are thoroughly managed and reported on; and
  • ensure OCIO management shares all necessary NCUA IT network, systems, and disaster recovery information and details with the Director of OCSM, including dates and results of the OCIO’s tabletop exercises and other disaster recovery drills, such as failover tests.

The report states that management agreed with the recommendations and estimated year-end 2023 and 2024 completion dates.

Audit of the NCUA’s Continuity of Operations Program (Report #OIG-22-09 12/30/2022)