
Mastering the Business Impact Analysis
BIA steps:
1. Identify and prioritize functions (which ones will have the greatest impact should they not be available?). Ex. AP, Treasury, Payroll, Collection, Call center, underwriting, procurement, etc.
2. Identify dependencies across functions (upstream & downstream)
3. Identify the qualitative and quantitative criteria to assess the impact to the entity (risk assessment)
4. Identify recovery objectives (RTO & RPO)
5. Assess the resources required to support recovery objectives
6. Identify any gaps between required resources and existing ones

Gain leadership agreement on business impact analysis (BIA) methodology and the criteria used in the BIA

Business Continuity Management Master Class 2


1. Identifying and prioritizing functions:
• Criticality assessment:
  1. Mission critical functions/activities
     • Must be available for the organization to operate (ex. key IT systems, Finance, etc.)
  2. Essential functions/activities
     • Important in the short term but won’t immediately halt operations (ex. emails)
  3. Important functions/activities
     • Important but not in the short term (ex. Payroll)
  4. Non-essential functions/activities
     • Can be recovered over a longer time frame without significant impact (ex. other IT, HR)



Activity

From your entity’s operations, identify one:
• Mission critical function/activity
• Essential function/activity
• Important function/activity
• Minor function/activity



2. Identify dependencies:
Chart interdependencies between functions and activities.

Upon a disruption in a specific function, what other functions will also be impacted?

Ex. Downtime in a database system can impact call center staff’s ability to serve customers’ inquiries.

Also, downtime in your payment processing system can impact your vendors’ deliveries.



Activity

From the previous list, identify one dependent function or activity



3. Risk Assessment Criteria:
Identify the qualitative and quantitative criteria to assess the impact to your entity:
1. Customer impact (service level, loss of customers, complaints)
2. Financial impact (loss of profits, market share, contractual fines or penalties)
3. Regulatory impact (fines, revocation of license, termination of business)
4. Operational impact (workflow and supply chain disruptions)
5. Reputational impact (media attention, loss of shareholder confidence)
6. Human impact (loss of life and injury, compensation claims)



Activity

From the previous list, identify potential impacts of disruption for each of the identified functions/activities
