Presentation is loading. Please wait.

Presentation is loading. Please wait.

9 juni 2009 Alex van Os de Man BCI Forum 2009 Business Impact Analysis Process.

Published byPaulina Andrews Modified over 8 years ago

Similar presentations

Presentation on theme: "9 juni 2009 Alex van Os de Man BCI Forum 2009 Business Impact Analysis Process."— Presentation transcript:

1 9 juni 2009 Alex van Os de Man BCI Forum 2009 Business Impact Analysis Process

2 Why perform a Business Impact Analysis ? If you don’t know what the impacts are to your business processes and systems, there is no way to focus how you are going to recover as well as to write your Business Continuity Plan

3 Life Cycle of BCM

4 Key BIA Objectives To enable business areas to determine their critical business activities To increase BCM awareness and identify impacts that business interruption will cause to the business and customers To establish and prioritise timelines for the recovery of critical business processes, resources, systems and documentation To identify inter-dependencies

5 Determine Critical Business Activities The key activities during this stage are to: Define the business area and its location of business At a high level, identify key functional responsibilities/processes and associated tasks undertaken by the business area

6 Positioning the BIA process ? Understanding the Business (who we are, what we do) Understanding the Organisation (who does what) BIA Ownership (what are our priorities) Buy-In (managing expectations)

7 Impact Assessment The key activities during this stage are to: Determine the impact to the business if the business processes could not be performed, in a worst case scenario Apply a financial, reputational & legal/compliance risk criteria impact against each business process Use at a minimum the following time scales – within 1 day, within 1 week, within 4 weeks, after 1 month Use the severity ratings – High, Medium, Low

8 Recovery Objective Setting Against each defined business process, identify the Recovery Time Objective (RTO) & the Recovery Point Objective (RPO) RTO – Is the maximum acceptable downtime that the business is prepared to accept before the process will need to be recovered (this measurement is independent of the RPO) RPO – The point to which you require IT to restore your data to the backup systems in order to achieve your recovery objectives

9 Recovery Profile Analysis The key activities are to identify and prioritise using the defined timescales the following: Applications required to perform the business processes Resources required to perform the business processes Equipment (IT/Other) required to support the business processes Documentation required in the performing of the business processes

10 People Facilities Information Equipment Systems Data Identify essential items to recover Business Processes

11 Dependency Analysis Identify key interactions & dependencies between departments, other locations and business partners (internal & external) that are part of the business processes Identify cross-Business Unit business priorities for Strategic Business Units that share technology, facility, or staff support resources that may be constrained in a crisis

12 BIA Maintenance At a minimum, the BIA must be updated once annually Or sooner if there are changes in the business composition or business processes

13 Next Steps …….. Findings from a BIA must be used to make decisions concerning Business Continuity Management strategies and solutions Business Criticality vs Costs (what the business is prepared to pay for)

Download ppt "9 juni 2009 Alex van Os de Man BCI Forum 2009 Business Impact Analysis Process."

Similar presentations

Information Technology Disaster Recovery Awareness Program.

Information Technology Disaster Recovery Awareness Program.
Making Business Continuity Childs Play Business Continuity Management Presentation to January 2006 Mick 087-2897687

Making Business Continuity Childs Play Business Continuity Management Presentation to January 2006 Mick
University of York Planning for Process Review. Using our Vision, Strategy and Medium Term Planning to inform our business and process change agenda..

University of York Planning for Process Review. Using our Vision, Strategy and Medium Term Planning to inform our business and process change agenda..
Business Continuity Training & Awareness by Sulia Toutai (ANZ)

Business Continuity Training & Awareness by Sulia Toutai (ANZ)
BCM and Security ROGSI/DMS Präsentation ROGSI/DMS Suite for Corporate Survival ROGSI/Business Impact Analysis TOP 7 Best Practices for Business Continuity.

BCM and Security ROGSI/DMS Präsentation ROGSI/DMS Suite for Corporate Survival ROGSI/Business Impact Analysis TOP 7 Best Practices for Business Continuity.
Reliability of the electrical service Business Continuity Management Business Impact Analysis (BIA) Critical ITC Services Minimum Business Continuity Objective.

Reliability of the electrical service Business Continuity Management Business Impact Analysis (BIA) Critical ITC Services Minimum Business Continuity Objective.
Disaster Preparedness I Lessons Learned Don Hall Thomson Prometric 2006 Annual ConferenceAlexandria, Virginia Council on Licensure, Enforcement and Regulation.

Disaster Preparedness I Lessons Learned Don Hall Thomson Prometric 2006 Annual ConferenceAlexandria, Virginia Council on Licensure, Enforcement and Regulation.
1 The process of analyzing all core business functions and establishing an optimized timetable for recovery. Provides baseline for:  Justification for.

1 The process of analyzing all core business functions and establishing an optimized timetable for recovery. Provides baseline for:  Justification for.
BUSINESS CONTINUITY MANAGEMENT THROUGH STANDARDS AND BEST PRACTICES Jasmina Trajkovski, CISA, CISM.

BUSINESS CONTINUITY MANAGEMENT THROUGH STANDARDS AND BEST PRACTICES Jasmina Trajkovski, CISA, CISM.
Service Design – Section 4.5 Service Continuity Management.

Service Design – Section 4.5 Service Continuity Management.
1 Disaster Recovery “Protecting City Data” Ron Bergman First Deputy Commissioner Gregory Neuhaus Assistant Commissioner THE CITY OF NEW YORK.

1 Disaster Recovery “Protecting City Data” Ron Bergman First Deputy Commissioner Gregory Neuhaus Assistant Commissioner THE CITY OF NEW YORK.
Business Continuity Planning Jeremy Stacy. Objectives Understand the steps in Business Continuity Planning Understand the terminology used in Business.

Business Continuity Planning Jeremy Stacy. Objectives Understand the steps in Business Continuity Planning Understand the terminology used in Business.
1 Business Continuity: The sixth international payment system conference MNB, Budapest 14 November, 2007.

1 Business Continuity: The sixth international payment system conference MNB, Budapest 14 November, 2007.
Copyright 2004 Turning Point Solutions Establishing Lines Of Communication Before a Crisis.

Copyright 2004 Turning Point Solutions Establishing Lines Of Communication Before a Crisis.
© Beaworthy Consulting & IDW Ltd 2011 Reporting ‘ROI’ to stakeholders (1) FormatsNotesFrequency Annual Report Important in positioning LIS as a core service.

© Beaworthy Consulting & IDW Ltd 2011 Reporting ‘ROI’ to stakeholders (1) FormatsNotesFrequency Annual Report Important in positioning LIS as a core service.
Implementing BCM Lynda McMullan CBCI Business Continuity Manager.

Implementing BCM Lynda McMullan CBCI Business Continuity Manager.
The Australian/New Zealand Standard on Risk Management

The Australian/New Zealand Standard on Risk Management
Service Design – Section 4.5 Service Continuity Management.

Service Design – Section 4.5 Service Continuity Management.
Disaster Recovery Policy & Procedures An Overview for Staff Prepared by MSM Compliance Services Pty Ltd.

Disaster Recovery Policy & Procedures An Overview for Staff Prepared by MSM Compliance Services Pty Ltd.
Business Continuity The Basics Emergency Planning and Business Continuity Team.

Business Continuity The Basics Emergency Planning and Business Continuity Team.

Similar presentations

Ads by Google