Preview

Cis 462 Business Impact Analysis Assignment 2

Powerful Essays
Open Document
Open Document
1932 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
Cis 462 Business Impact Analysis Assignment 2
Assignment 2: Business Impact Analysis

August 21, 2014

CIS 462 Security Strategy and Policy

Dr. J. F. Manning
Abstract
Prior to developing Business Continuity Plans the organization should complete a Business Impact Analysis (BIA). The objective of the BIA is to collect information about the business to understand the importance of the different functions within the organization. The BIA serves as the basis on which an effective BCP can be developed and put in place. Results of performing a BIA will identify and quantify how the business will be impacted during a disruption or loss of processes within the organization. Effective implementation will help the organization recover its operations
…show more content…
Describe the methods for establishing component priorities, including recovery time frameworks.
"Once critical functions and processes have been determined the BIA team is then charged with assigning Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO) to each function. RTO 's are tiered by their level of criticality. It is important to assign appropriate RTO 's and RPO 's that meet business practices." (Linking Disaster Recovery Time Objectives to Business and Compliance Requirements). As an example, the RTO 's could be classified as:
Tier 1 – Fault-tolerant with no impact on the users. If the system goes down, a built in recovery plan gets implemented with no data loss.
Tier 2 – RTO is set to meet the 24 hour time window. At this level organizations will need to have alternative solutions and equipment required to bring systems back online.
Tier 3 – RTO is set to meet the 48 hour time window. This level applies to companies with off-site locations such as data center where operations can be shifted to an alternate
…show more content…
A natural disaster or serious disruption can create a chain reaction that ripples through the business community and impacts the local or regional economy." (Business Impact Analysis)
From a planning and implementation perspective people are a major factor in business continuity efforts. When a natural disaster strikes, some or all of your employees will be impacted. Loss of life or serious injury is a real possibility. As you evaluate business functions and processes, you will also need to identify key positions, knowledge, and skills needed for business continuity. "The BC/DR plan needs to look at key positions within the company and understand the role of each in the business continuity realm." (Business Impact

You May Also Find These Documents Helpful

  • Satisfactory Essays

    Disaster recovery and business continuity planning are processes that help organizations prepare for disruptive events. Management's involvement in this process can range from overseeing the plan, to providing input and support, to putting the plan into action during an emergency.…

    • 494 Words
    • 2 Pages
    Satisfactory Essays
  • Powerful Essays

    Primary hardware that must have a backup to ensure availability is the web server and the database server. In addition to having a primary and a backup of each of these two servers a replication server must also be implemented into the architecture in order for the databases on each server to mirror each other. With proper planning and implementation of this system if the primary servers have a failure there will not be any interruption of service to the customer who is accessing the…

    • 2777 Words
    • 12 Pages
    Powerful Essays
  • Good Essays

    This application set could be classified under a multi network. The applications 1 and 3 have one set of reliability and delay requirements while applications 2 and 4 have another set. The capacity of applications 1 and 3 vary quite a lot hence it has to be configured under different tiers. Application 2 and can be configured in one.…

    • 785 Words
    • 4 Pages
    Good Essays
  • Satisfactory Essays

    Project Part 2 Task 2

    • 461 Words
    • 2 Pages

    The Business Continuity Plan is designed to prepare an organization to continue doing business when a disaster strikes. The BCP differs from the traditional disaster recovery plan in the fact that a BCP covers all aspects of the business and incorporates the DRP as part of it. The DRP focuses on restoring data and on information technology only.…

    • 461 Words
    • 2 Pages
    Satisfactory Essays
  • Powerful Essays

    is 3110

    • 1342 Words
    • 5 Pages

    Dawood AlrubayeThe BIA purpose is to correlate specific system components with the critical services that they provide, and based on that information, to characterize the consequences of a disruption to the system components. So, there are two parts to the BIA: the first is to understand mission-critical business processes and the second is to correlate those to IT systems. As an IT professional, certainly understand the importance of various IT systems, but may not be fully aware of the critical business functions performed in the company. First, understanding the critical business functions is important in terms of understanding how to recover IT systems in the event of a significant business disruption. Company might think that System A is most critical, based on a number of assumptions you're making. However, through this process, Company might find that System B or C is really what keeps the company up and running on a day-to-day basis or that without System D, System A doesn't really matter. Second, Today's CIO needs to have a solid background in technology and business, so understanding the critical business functions in your company will pay off in many ways for you.…

    • 1342 Words
    • 5 Pages
    Powerful Essays
  • Good Essays

    Is 305 Week 4 Lab

    • 758 Words
    • 4 Pages

    True or False - If the Recovery Point Objective (RPO) metric does not equal the Recovery Time Objective (RTO), you may potentially lose data or not have data backed-up to recover. This represents a gap in potential lost or unrecoverable data. False, the RPO could be 30 mins while the RTO could be 1 hour. The RPO depends upon the backup, if it occurs every day at 5pm, then no data would be lost. If the backup is every hour, then data not backed up prior to the outage would have the…

    • 758 Words
    • 4 Pages
    Good Essays
  • Satisfactory Essays

    2. What is the difference between a disaster recovery plan (DRP) and a business continuity plan…

    • 246 Words
    • 2 Pages
    Satisfactory Essays
  • Powerful Essays

    Nt2580 Notes

    • 1034 Words
    • 5 Pages

    A plan designed to help an organization continue to operate during and after a disruption…

    • 1034 Words
    • 5 Pages
    Powerful Essays
  • Better Essays

    Supply Disruption  Customer Disruption  Employee Disruption Communication Utilities Contingency Planning Process High Level Contingency and Disaster Recovery Planning Strategy • Develop the Business Contingency Planning • • • • • • • Policy and Business Process Priorities Conduct a Risk Assessment Conduct the Business Impact Analysis (BIA) Develop Business Continuity and Recovery Strategies Develop Business Continuity Plans Conduct awareness, testing, and training of the DRP Conduct Disaster Recovery Plan maintenance and exercise Identify business processes Industry Standards ISO 27001 : Requirements for Information Security Management Systems. Section 14 addresses business continuity management.…

    • 1114 Words
    • 10 Pages
    Better Essays
  • Satisfactory Essays

    Quiz Week 5

    • 381 Words
    • 2 Pages

    A RTO is the time needed to recover a system, so the MAO can be accurate.…

    • 381 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    continuity plan overview

    • 689 Words
    • 3 Pages

    The BCM and his team will be responsible for performing a company-wide Business Impact Assessment (BIA) which will inform you all, as executives where we stand in the area of recovery and allow you to make informed decisions moving forward. Along with the production of the BIA, each team lead and the BCM will ensure that all staff members are properly made aware and trained on all information that pertains to them and their sections. Each section will be held responsible for their plans of action, and practicing those plans with staff in dry runs.…

    • 689 Words
    • 3 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Unit 6 Lab

    • 727 Words
    • 2 Pages

    In identifying the critical business operations, you would want to conduct a business impact analysis. The BIA will help you identify the cost of an asset loss. This includes the direct cost (i.e. sales lost during the outage) and indirect cost (loss of consumer trust and cost to regain their trust). This BIA will help you to identify the maximum acceptable outage, which is the maximum amount of time an asset can be down before affecting your overall business mission. Establishing this MAO will guide your recovery plans as you need to be able to restore service within that amount of time. The biggest part of doing your BIA is data gathering. This can be information ranging from how a service affects the business’ profitability or survivability, to how it will affect your employees or customers.…

    • 727 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Unit 7 Lab

    • 293 Words
    • 2 Pages

    4. What is the definition of recovery time Objective (RTO) Why is this important to define n an IT Security Policy Definition as part of the Business Impact Analysis (BIA) or business Continuity Plan (BCP)?…

    • 293 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    the CCO or CMO) will, within 72 duty hours (based on 24-hour workday not including…

    • 1634 Words
    • 7 Pages
    Satisfactory Essays
  • Good Essays

    Is 3110 Lab 7

    • 949 Words
    • 4 Pages

    Disaster recovery risk assessment and business impact analysis (BIA) are crucial steps in the development of a disaster recovery plan. But, we need to locate disaster recovery risk assessment and business impact assessment in the overall planning process. To do that, let us remind ourselves of the overall goals of disaster recovery planning, which are to provide strategies and procedures that can help return IT operations to an acceptable level of performance as quickly as possible following a disruptive event. The speed at which IT assets can be returned to normal or near-normal performance will impact how quickly the organization can return to business as usual or an acceptable interim state of operations.…

    • 949 Words
    • 4 Pages
    Good Essays