Business Impact Analysis Walkthrough Template

marc scarborough n.w

Explore the essentials of Business Impact Analysis (BIA) through a basic template example, highlighting the importance of inventory, documentation, prioritization, and service descriptions in ensuring organizational resilience and preparedness. Learn how to identify critical systems, assess outage impacts, set recovery objectives, and prioritize resources effectively.

  • Business Analysis
  • Resilience Planning
  • Information Security
  • Critical Systems
  • University




Presentation Transcript


  1. Marc Scarborough Information Security Officer Rice University marcs@rice.edu

  2. Business Impact Analysis (BIA)
       • Walk Through a Basic Template Example
       • General Notes
       • Questions
       • Links

  3. From NIST (your tax dollars at work): "The purpose of the BIA is to identify and prioritize system components by correlating them to the mission/business process(es) the system supports, and using this information to characterize the impact on the process(es) if the system were unavailable." Identify and prioritize.

  4. Why do a BIA?
       • Inventory: When is the last time you had a good inventory of the systems performing your mission critical work?
       • Documentation: In an emergency situation do people know what to do?
       • Prioritization: Knowing what is integral in supporting critical University functions and its mission before something happens is good to know.

  5. Template sections:
       • Service Description
       • Outage Impact
       • Maximum Tolerable Downtime
       • Recovery Time Objectives
       • Resource Requirements
       • Recovery Priorities for System Resources

  6. A primary focus of the BIA is to identify systems that support services critical to the University. The Service Description should include as much information as is not available elsewhere. As documentation for services progresses, pointers to existing, more often updated information might be more appropriate, if it contains the right information.

  7. The Service Description includes:
       • Description of what the service provides
       • Hardware and software
       • Customers potentially impacted, both internal and external, due to outages (contact information as well)
       • Systems and services that depend on it
       • Systems and services that it depends on
       • Vendor and support contact information

  8. Which services receive priority during or after an emergency should be determined by how much (and how quickly) each service impacts operations within the University.

  9. When a service goes offline, how does it impact operations in the University?
       • How long until operations are impacted?
       • How long until operations are halted? Maximum Tolerable Downtime (MTD)
       • How long will it take to recover? Recovery Time Objectives (RTO)
       • Many IT services support several University operations; outage impact should be analyzed for each.

  10. MTD: This is represented as the absolute maximum time that can be tolerated for a University operation to be stopped. For example, how long can the University go without the ability to pay for services? Each operation the service facilitates should have this information.

  11. RTO: This is represented as the time a system (not an operation) is unavailable before potentially affecting other systems. For example, how long can DNS stay down before Email goes down, affecting University business? This should be smaller than the MTD, and include time to restore information or re-run processes (like tape restores), all within the MTD window.

  12. The systems, hardware and software that support the service should be listed here. This might contain items from the Service Description section as well as specific dependencies.

  13. Which systems and resources should be restored to service first? Now that the critical University operations, impacts to the campus, tolerable downtimes and service components have been identified, prioritize the recovery steps by system and resource.

  14. Service Description

  15. Outage Impact

  16. Maximum Tolerable Downtime and Recovery Time Objective

  17. Resource Requirements

  18. Recovery Priorities for System Resources

  19. It's late in the day... Remember what the BIA is designed to help you do:
       • Identify and prioritize
       • Help with both continuity and recovery planning
      The template I use is based on NIST guidelines, but each University will most likely need to create or modify one that works for them. Thank you.

  20. NIST: http://csrc.nist.gov/publications/nistpubs/800-34-rev1/sp800-34-rev1.pdf
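
The MTD, RTO and recovery-priority slides (10, 11 and 13) can be checked mechanically once the template is filled in. The following is an added example, not part of the presentation: the service records, hour values and function names are constructed, and it assumes that a dependency inherits the tightest MTD of the services that rely on it and that work on a service starts only after its dependencies are restored.

```python
from graphlib import TopologicalSorter

# Constructed sample BIA records, times in hours (not data from the presentation).
# "operations" maps each University operation the service facilitates to its MTD.
SERVICES = {
    "DNS":     {"rto": 2,  "depends_on": [], "operations": {}},
    "Storage": {"rto": 6,  "depends_on": [], "operations": {}},
    "Email":   {"rto": 4,  "depends_on": ["DNS"],
                "operations": {"Campus communication": 8}},
    "Payroll": {"rto": 30, "depends_on": ["DNS", "Storage"],
                "operations": {"Paying for services": 24}},
}

def topo_order(services):
    """Services listed so that every dependency precedes its dependents."""
    graph = {name: set(rec["depends_on"]) for name, rec in services.items()}
    return list(TopologicalSorter(graph).static_order())

def effective_mtd(services):
    """Tightest MTD per service: its own operations' MTDs, plus (assumption)
    the MTDs of everything that depends on it."""
    mtd = {n: min(r["operations"].values(), default=float("inf"))
           for n, r in services.items()}
    for name in reversed(topo_order(services)):  # dependents first
        for dep in services[name]["depends_on"]:
            mtd[dep] = min(mtd[dep], mtd[name])
    return mtd

def restore_times(services):
    """Hours until each service is back, assuming (hypothetically) that work on
    a service starts only once all of its dependencies are restored."""
    done = {}
    for name in topo_order(services):
        start = max((done[d] for d in services[name]["depends_on"]), default=0)
        done[name] = start + services[name]["rto"]
    return done

def mtd_violations(services):
    """Services whose restore time is not smaller than the MTD they must meet."""
    mtd, done = effective_mtd(services), restore_times(services)
    return {n: (done[n], mtd[n]) for n in services if done[n] >= mtd[n]}

def recovery_priorities(services):
    """Recovery order: tightest effective MTD first, dependencies before dependents."""
    mtd, rank = effective_mtd(services), {n: i for i, n in enumerate(topo_order(services))}
    return sorted(services, key=lambda n: (mtd[n], rank[n]))

if __name__ == "__main__":
    print("Recovery priorities:", recovery_priorities(SERVICES))
    for name, (done, mtd) in mtd_violations(SERVICES).items():
        print(f"{name}: restored after {done}h, but MTD is {mtd}h")
```

In the sample data DNS has no operations of its own, yet it is restored first because Email's 8-hour MTD applies to it; Payroll is flagged because its restore time exceeds the 24-hour MTD of the operation it supports.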
