Preview

Unit 7 Lab 7 Performing a Business Impact Analysis for an IT Infrastructure

Better Essays
Open Document
Open Document
790 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
Unit 7 Lab 7 Performing a Business Impact Analysis for an IT Infrastructure
Unit 7 Lab 7: Performing a Business Impact Analysis for an IT Infrastructure
IS 3110

Debra Williams

1. What is the goal and purpose of a BIA?
a. The purpose of a business impact analysis (BIA) report is to describe the potential risks specific to the organization studied. One of the basic assumptions behind BIA is that every component of the organization is reliant upon the continued functioning of every other component, but that some are more crucial than others and require a greater allocation of funds in the wake of a disaster. For example, a business may be able to continue more or less normally if the cafeteria has to close, but would come to a complete halt if the information system crashes.
2. Why is a business impact analysis (BIA) an important first step in defining a business continuity plan (BCP)?
a. The BIA is the first step because it is used to identify the impact that can result from disruptions in the business. Without the BIA, the BCP would not identify and prioritize which systems and processes must be sustained and provide the necessary information for maintaining them.
3. How does risk management and risk assessment relate to a business impact analysis for an IT infrastructure?
a. Risk assessment relates to a business impact analysis by showing the amount of risk in making a business deal, by comparing the potential loss to the percent the loss could occur.
b. Risk management relates to a business impact analysis by identifying resources and associated risks, determining their magnitude, identifying what safeguards are needed, and maintain the proper techniques to mitigate the risks.
4. What is the definition of Recovery Time Objective (RTO)? Why is this important to define in an IT Security Policy Definition as part of the Business Impact Analysis (BIA) or Business Continuity Plan (BCP)?
a. The RTO is the time in which the system or function must be recovered. The RTO would be equal to or less than the MAO. For example, if the MAO is
Continue Reading
View Writing Issues

You May Also Find These Documents Helpful

  • Satisfactory Essays

    Lester Reinoso IS3340 Unit 6 Lab 1
    • 494 Words
    • 2 Pages

    Lester Reinoso IS3340 Unit 6 Lab 1

    Disaster recovery and business continuity planning are processes that help organizations prepare for disruptive events. Management's involvement in this process can range from overseeing the plan, to providing input and support, to putting the plan into action during an emergency.…

    • 494 Words
    • 2 Pages
    Satisfactory Essays
    Read More
  • Satisfactory Essays

    Project Part 2 Task 2
    • 461 Words
    • 2 Pages

    Project Part 2 Task 2

    The Business Continuity Plan is designed to prepare an organization to continue doing business when a disaster strikes. The BCP differs from the traditional disaster recovery plan in the fact that a BCP covers all aspects of the business and incorporates the DRP as part of it. The DRP focuses on restoring data and on information technology only.…

    • 461 Words
    • 2 Pages
    Satisfactory Essays
    Read More
  • Good Essays

    Acct 504 Case Study 2
    • 1426 Words
    • 5 Pages

    Acct 504 Case Study 2

    Risk assessment – The organization must identify and analyze the different factors that generate risk for the business and must decide how to manage these risks. Because economic industry, regulatory and operating conditions will continue to change. (coso)…

    • 1426 Words
    • 5 Pages
    Good Essays
    Read More
  • Powerful Essays

    is 3110
    • 1342 Words
    • 5 Pages

    is 3110

    Dawood AlrubayeThe BIA purpose is to correlate specific system components with the critical services that they provide, and based on that information, to characterize the consequences of a disruption to the system components. So, there are two parts to the BIA: the first is to understand mission-critical business processes and the second is to correlate those to IT systems. As an IT professional, certainly understand the importance of various IT systems, but may not be fully aware of the critical business functions performed in the company. First, understanding the critical business functions is important in terms of understanding how to recover IT systems in the event of a significant business disruption. Company might think that System A is most critical, based on a number of assumptions you're making. However, through this process, Company might find that System B or C is really what keeps the company up and running on a day-to-day basis or that without System D, System A doesn't really matter. Second, Today's CIO needs to have a solid background in technology and business, so understanding the critical business functions in your company will pay off in many ways for you.…

    • 1342 Words
    • 5 Pages
    Powerful Essays
    Read More
  • Satisfactory Essays

    Unit 6 Lab
    • 727 Words
    • 2 Pages

    Unit 6 Lab

    After you inventory your assets, you would need to identify the scope of your risk management. You would want to identify things such as your critical business operations, how you connect with your customers, mission-critical data, systems, and applications, and security gaps and identify these throughout all 7 domains of your infrastructure.…

    • 727 Words
    • 2 Pages
    Satisfactory Essays
    Read More
  • Powerful Essays

    Cis 462 Business Impact Analysis Assignment 2
    • 1932 Words
    • 8 Pages

    Cis 462 Business Impact Analysis Assignment 2

    Prior to developing Business Continuity Plans the organization should complete a Business Impact Analysis (BIA). The objective of the BIA is to collect information about the business to understand the importance of the different functions within the organization. The BIA serves as the basis on which an effective BCP can be developed and put in place. Results of performing a BIA will identify and quantify how the business will be impacted during a disruption or loss of processes within the organization. Effective implementation will help the organization recover its operations…

    • 1932 Words
    • 8 Pages
    Powerful Essays
    Read More
  • Satisfactory Essays

    Lab 6
    • 817 Words
    • 4 Pages

    Lab 6

    1. What is the difference between a risk analysis (RA) and a business impact analysis (BIA)? Risk analysis is often identifying the potential threats and the associated vulnerabilities to the organizations .Risk analysis doesn’t view the organization from the mission critical Business Process point of view. More over BIA perceives the organization from the impact that is going to occur for an organization if the critical business processes are interrupted or tampered…

    • 817 Words
    • 4 Pages
    Satisfactory Essays
    Read More
  • Better Essays

    CIS 502 BUSINESS CONTINUITY AND DISASTER RECOVERY PLANNING
    • 1114 Words
    • 10 Pages

    CIS 502 BUSINESS CONTINUITY AND DISASTER RECOVERY PLANNING

    Supply Disruption  Customer Disruption  Employee Disruption Communication Utilities Contingency Planning Process High Level Contingency and Disaster Recovery Planning Strategy • Develop the Business Contingency Planning • • • • • • • Policy and Business Process Priorities Conduct a Risk Assessment Conduct the Business Impact Analysis (BIA) Develop Business Continuity and Recovery Strategies Develop Business Continuity Plans Conduct awareness, testing, and training of the DRP Conduct Disaster Recovery Plan maintenance and exercise Identify business processes Industry Standards ISO 27001 : Requirements for Information Security Management Systems. Section 14 addresses business continuity management.…

    • 1114 Words
    • 10 Pages
    Better Essays
    Read More
  • Satisfactory Essays

    Introduction to Information Security: Assessment Worksheet
    • 314 Words
    • 2 Pages

    Introduction to Information Security: Assessment Worksheet

    an essential component of an organization's business continuance plan, it includes an exploratory component to…

    • 314 Words
    • 2 Pages
    Satisfactory Essays
    Read More
  • Satisfactory Essays

    ISSC363 Assignment 3
    • 586 Words
    • 2 Pages

    ISSC363 Assignment 3

    At its core, the purpose of a risk assessment is identifying and evaluating risks that may potentially have a negative impact on an organization. It can help management understand the impact in terms of costs to the organization or the severity of a loss depending on the methodology used to conduct the risk assessment. The goal is to provide sound recommendations based on the risk assessment to help maintain data confidentiality, integrity and vulnerability while ensuring functionality and usability. Based on the results, management can make more informed decisions about what resources to protect, how to protect them and understand the potential costs and impact. Once the purpose of the risk assessment is understood, defining the scope is next.…

    • 586 Words
    • 2 Pages
    Satisfactory Essays
    Read More
  • Better Essays

    Mu2.4 Contribute to Children and Young People's Health and Safety
    • 1959 Words
    • 8 Pages

    Mu2.4 Contribute to Children and Young People's Health and Safety

    1.3 Explain what risk assessment is and how this is managed in the work setting…

    • 1959 Words
    • 8 Pages
    Better Essays
    Read More
  • Satisfactory Essays

    Insurance Plays A Big Role In Risk Mana
    • 129 Words
    • 1 Page

    Insurance Plays A Big Role In Risk Mana

    Insurance plays a big role in risk management for a personal financial plan. Outline an insurance plan for various stages of life. Specifically address the following required elements:…

    • 129 Words
    • 1 Page
    Satisfactory Essays
    Read More
  • Powerful Essays

    Week 10 Technical Paper
    • 2283 Words
    • 10 Pages

    Week 10 Technical Paper

    Every organization is faced with some risk or potential threat that could cause an interruption to the organization’s operations. These risks and threats can come from within or outside of the organization. To prepare for the worst that could happen, organizations must focus their attention on how to assess different types of risks to protect the organization from the possible negative effects to the daily operations. Performing a risk assessment is one of the most important steps in the risk management process (eHow, 2011).…

    • 2283 Words
    • 10 Pages
    Powerful Essays
    Read More
  • Satisfactory Essays

    Quiz Week 5
    • 381 Words
    • 2 Pages

    Quiz Week 5

    8. Explain what Recovery Time Objective (RTO) is and why the DRP needs to be written to meet it.…

    • 381 Words
    • 2 Pages
    Satisfactory Essays
    Read More
  • Powerful Essays

    Contribute to Children and Young People's Health and Safety
    • 3026 Words
    • 13 Pages

    Contribute to Children and Young People's Health and Safety

    1.3. Explain what risk assessment is and how this is managed in the work setting…

    • 3026 Words
    • 13 Pages
    Powerful Essays
    Read More

Related Topics