1 / 12

Finding Additional Value From the Business Impact Analysis

Finding Additional Value From the Business Impact Analysis. By Jeff Fetherolf. Terminology. Business Impact Analysis (BIA)

lucie
Download Presentation

Finding Additional Value From the Business Impact Analysis

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Finding Additional Value From the Business Impact Analysis By Jeff Fetherolf

  2. Terminology Business Impact Analysis (BIA) A process of having the business process owners, business subject matter experts, etc. identify the criticality of a business’ processes by assessing its Financial and operational / Intangible impacts as a result of unavailability. While completing a BIA for each business process these individuals will also identify the Applications and that support each business process. Application Impact Analysis (AIA) A process of having the an Information Technology (IT) individual assess the criticality, priority, etc. of an Application. Cost Benefit Analysis (CBA) The process of evaluating the Total Cost of Ownership (TCO) against the amount of Risk Reduction.

  3. Traditional Deliverables Recovery Time Objective (RTO): Organization’s Acceptable Amount of IT Absence Recovery Time Achievable (RTA): Based on Resources, Processes, etc., the true / realistic recovery time of the organization Recovery Time Time of Disaster 07 Days 30 Days 04 Hours 02 Days 03 Days 04 Days 02 Hours 08 Hours 24 Hours 60 Min 30 Min 05 Min 15 Min 45 Min

  4. Traditional Deliverables Recovery Point Objective (RPO): Organization’s Acceptable Amount of Data Loss Recovery Point Achievable (RPA): Based on Resources, Processes, etc., the true / realistic recovery point of the organization Recovery Point Objective Time of Disaster 02 Hours 24 Hours 08 Hours 04 Hours 30 Days 04 Days 03 Days 02 Days 07 Days 60 Min 45 Min 30 Min 15 Min 05 Min

  5. BIA Result Paths

  6. Process Mapping • Identify each Department’s Business Processes • Identify the criticality of each Business Process • Identify the interdependencies between • Business Processes and Departments

  7. Data Mapping • Identify the Data Elements (Variables) for each • Application • Identify how the Data Elements are utilized with each • Business Process • Identify how each Department utilizes the Data Elements • Identify the Criticality & Sensitivity of the Data Elements

  8. Storage Mapping • Identify the required Storage to support the • Recovery Time Objective requirements of the Business • Identify the location of the Critical and Sensitive Data • Identify, using Cost Benefit Analysis, the need to • segregate Data by Tier

  9. Asset Mapping • Identify the Hardware and Software (HW/SW) for each • Application • Identify HW/SW utilized by each Business Process • Identify the criticality of HW/SW

  10. Summary • Business Impact Analyses provide Business Processes’ and Applications’ • Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs) • Business Impact Analyses can also create a bridge between • Business Processes, Data Elements, Storage, and Assets

  11. Questions

  12. Thank You!

More Related