The terrorist attacks on the World Trade Center and the Pentagon did more in a single day to boost the profile of contingency planning than did years of exhortations from regulators and disaster-recovery professionals.
Financial institutions for the most part performed admirably in getting their operations back up in the wake of the attacks.
But crucial lessons were learned.
Institutions with operations at or near the disaster site are now taking stock of how they can improve their preparedness, while those in other parts of the nation are absorbing the reality that contingency planning has become a front-and-center concern.
"Everyone to some extent is looking at this issue," said Ted DeZabala, a partner in Deloitte & Touche's enterprise risk services group.
The attacks showed financial institutions that they should be doing more to prepare for any type of disaster. Even the most basic assumptions - for example, a plan that calls for staff to fly to a backup facility - have now been challenged.
An important new need that emerged is to disperse operational sites over larger geographic areas. Companies also discovered that their own ability to recover is tightly connected with the ability of their numerous suppliers and partners to get back into business. And they found that information held on personal computers and local area networks must be given the same disaster- recovery consideration as major data centers.
A recent real estate transaction between Lehman Brothers and Morgan Stanley illustrates the new nature of business-recovery planning. Within a month of the Sept. 11 attacks, Morgan Stanley had arranged to sell a one-million-square-foot office tower to Lehman Brothers. Like many …