Log in     RSS       
Just another WordPress weblog

Business Continuity and Disaster Recovery - Business Impact Analysis


Business impact analysis is a critical part of the business continuity planning process. This step quantifies data and gets into the real world issue of potential losses that can negatively impact your business. It is used to understand the most important impacts and how to best protect your people, processes, data, communications, assets and the organizations goodwill and reputation.

Organizations often think in terms of disaster recovery. Business continuity and the business impact analysis is more focused on keeping the business up and running and less focused on recovery after a disaster. The business impact analysis also is not focused only on the potential disasters, but on all potentially critical discontinuities. Key elements of the Business Impact Analysis are to identify critical business functions, establish the maximum acceptable outage time for each of these functions and then to determine the impact of not performing those functions. This can be measured against regulatory, legal, financial, operations or customer service requirements.

Once the adequacy of security and controls is evaluated and critical business functions and outage times are defined, the business continuity planner needs to develop an understanding of the probability of threats factored by the severity or impact and to start to develop a cost benefit analysis of the largest impact and highest probability threats.

Its virtually impossible to create an absolute value and prioritization of threats and impacts. Generally, a relational system is used to drive out the key priorities. Often, each threat is evaluated according to its probability and assigned a 1, 5 or 10 rating. Then, each threat is evaluated according to its impact on critical business functions and on the business overall. For example, a discontinuity in a critical business function of less than one hour might receive a value of 0. A discontinuity of one to eight hours might be ranked a 1, eight to twenty four hours might be ranked a 2 and over 24 hours might be ranked a 3. Obviously, these rankings need to be developed on a company specific basis. Probability factored by impact creates the relational prioritization list.

This approach to risk evaluation and control allows management to start to quantify the risks and potential impacts on the organization in a thoughtful and analytical way. This results not only in higher quality decisions, but also provides an audit trail that demonstrates that management is paying attention to its risk management responsibilities. These responsibilities might be established by regulatory or legal bodies, demanded as a contractual commitment by customers or simply expected by shareholders as sound and prudent management. The key corporate goals are to protect people, protect assets, protect data and to protect the brand and reputation of the organization.

About The Author

Robert Mahood has significant technology and management experience in data communications, internet, storage, disaster recovery and data recovery. He is currently the president of Midwest Data Recovery. http://www.midwestdatarecovery.com

bmahood@midwestdatarecovery.com, 312 907 2100 or 866 786 2595

Business Continuity and Disaster Recovery - Reducing Your Risk Profile
Like all plans, there is an ultimate goal to achieve. The goal in a business continuity plan is simply that: to continue your business in the face of a disaster or a disruption. A business continuity plan is not just for a disaster. Its also for t...

The Importance of Disaster Recovery Planning
Picture the scene, its Monday morning and youve traversed the morning rush hour and arrived at the office only to find a disaster zone. Over the weekend the office has experienced a fire that has all but destroyed the premises. IT, key documents, p...

Business Continuity and Disaster Recovery - A Business Not a Technology Issue
Hackers, hurricanes, fires, flooding, power outages, denial of service attacks, application failures, employee error, sabotage and now terrorism are helping companies to focus on the necessity of a business continuity plan.Through the late 1990s as c...

Can A Business Continuity Plan Save Your Business?
Think about it!When you start a business you create a business plan. When you want to bring a product to market, you create a marketing plan.Doesnt it make sense to create a Business Continuity Plan to save your business? Of course it does!Not ever...

Disaster Recovery Services: Questions to Ask of a Service Provider
With increasing dependence on systems availability, the recovery of your core servers, applications and network are fundamental in the event of a disaster. In fact, as organisations rely more and more on anytime, anywhere connectivity, systems availa...

Hard Drive Failure: Picking Up the Digital Pieces of Your Life
When a Digital Disaster Strikes, Who are you going to call?ECO Data Recovery has been recovering mission critical data for over 20years.Once upon a time, if your hard drive failed you had it repaired. This was a much more cost effective solution rath...

Top Six Reasons Why You Need A Data Center Disaster Recovery Plan
I have seen so many startup businesses make the same old mistake of not having a data center disaster recovery plan and thinking that is not necessary. The most common reason that most of these businesses make this decision is that they see a disaste...

Data Loss and Preventative Measures to Avoid It
Data Loss can be devastating. It could instantly take a small or medium size business from Open for Business to Out of Business in an instant. On a personal level, it can wipe away weeks, months and even years of critical data where there is no means...

Data Disaster Recovery Plan for Total Disaster
(A) ScopeThis DR Plan is designed for the worst case scenario. i.e. complete loss of the site - fire, water damage (flood), earthquake.Here are the key areas that you need to focus:* Crisis Management Procedures* Security Procedures held by Building ...

Disaster Recovery- Managing the Risk
Helping your business survive in the event of an unforeseen disaster: Most business failures are not from bad business but from bad business practices.Most companies that fail are the ones that have not planned how their business will continue to fu...

This entry was posted on Thursday, August 7th, 2008 at 4:52 pm and is filed under RSS Feed Icon Data Recovery Service . You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

Proudly powered by WordPress.   Theme by Matt Martin Graphic & Web Design