NT2580

Lab 6 worksheet

David Hall

1. What is the different between a risk analysis (RA) and a business impact analysis
(BIA)?
Risk analysis is often identifying the potential threats and the associated
vulnerabilities to the organizations. BIA perceives the organization from the impact
that is going to occur for an organization if the critical business processes are
interrupted or tampered
2. What is the difference between a Disaster Recovery Plan and a Business
Continuity Plan?
DR planning is an essential part of business planning. Making a Disaster Recovery
plan requires a lot of time from every functional department within the company.
Business continuity is a newer term which was first popularized as a response to the
Y2K bug. In these situations, you need a plan that will allow the organization to
continue generating revenue and providing services on a temporary basis until the
company has regained its bearings.
3. Typically, a business continuity plan is also a compilation or collection of other
plans. What other
plans might a BCP and all supporting documents include?
Technical backup Plan: How can you recover smoothly from technical glitches?
Communications Plan: What communication will facilitate this recovery?
4. What is the main difference between a Disaster Recovery Plan (DRP) and a
Business Continuity Plan
(BCP)?
Disaster recovery is the older of the 2 functions. Business continuity is a newer
term.
5. What is the purpose of a risk assessment and business impact analysis? What is
this important first
step in defining a BCP and DRP?
The purpose of risk analysis is to minimize the effect of threats to your network. The
first step in this process is prevention.
6. How does risk assessment (RA) relate to a business impact analysis for an
organization?
Showing the risk by comparing the potential loss to the percentage loss will occur
7. Given the list of identified mission critical business functions and processes, what
kind of company
would you say this organization is, and what do you think are its most important
business processes

and functions?
They are some kind of consumer business that ships products online. Their web and
e-commerce servers are probably their most treasured resources.
8. Given the prioritization list provided for the organizations identified business
functions and
processes, write an assessment of how this prioritization will impact the need for IT
systems,
applications, and data access.
They are in high need of backups and geo-synchronization to keep their systems up.
Additionally, they will need access to applications to help with shipping and
banking.
9. For the top 5 identified business functions and processes, what recovery time
objective (RTO) would
you recommend for this organization and why?
I would recommend an RTO of none to very little. They are likely a company that
deals with many contractors and civilians on an everyday basis. They need to keep
all their dealings on time and up to date.
10. Why is payroll for employees and Human Resources listed as a co-number 1
business priority?
They are a company that values their employees.