Business Continuity and Disaster Recovery - Business Impact Analysis

Business impact analysis is a critical part of the business continuity planning process. This step quantifies data and gets into the real world issue of potential losses that can negatively impact your business. It is used to understand the most important impacts and how to best protect your people, processes, data, communications, assets and the organization's goodwill and reputation.

Organizations often think in terms of disaster recovery. Business continuity and the business impact analysis is more focused on keeping the business up and running and less focused on recovery after a disaster. The business impact analysis also is not focused only on the potential disasters, but on all potentially critical discontinuities. Key elements of the Business Impact Analysis are to identify critical business functions, establish the maximum acceptable outage time for each of these functions and then to determine the impact of not performing those functions. This can be measured against regulatory, legal, financial, operations or customer service requirements.

Once the adequacy of security and controls is evaluated and critical business functions and outage times are defined, the business continuity planner needs to develop an understanding of the probability of threats factored by the severity or impact and to start to develop a cost benefit analysis of the largest impact and highest probability threats.

It's virtually impossible to create an absolute value and prioritization of threats and impacts. Generally, a relational system is used to drive out the key priorities. Often, each threat is evaluated according to its probability and assigned a 1, 5 or 10 rating. Then, each threat is evaluated according to its impact on critical business functions and on the business overall. For example, a discontinuity in a critical business function of less than one hour might receive a value of 0. A discontinuity of one to eight hours might be ranked a 1, eight to twenty four hours might be ranked a 2 and over 24 hours might be ranked a 3. Obviously, these rankings need to be developed on a company specific basis. Probability factored by impact creates the relational prioritization list.

This approach to risk evaluation and control allows management to start to quantify the risks and potential impacts on the organization in a thoughtful and analytical way. This results not only in higher quality decisions, but also provides an audit trail that demonstrates that management is paying attention to its risk management responsibilities. These responsibilities might be established by regulatory or legal bodies, demanded as a contractual commitment by customers or simply expected by shareholders as sound and prudent management. The key corporate goals are to protect people, protect assets, protect data and to protect the brand and reputation of the organization.

About The Author

Robert Mahood has significant technology and management experience in data communications, internet, storage, disaster recovery and data recovery. He is currently the president of Midwest Data Recovery. www.midwestdatarecovery.com

bmahood@midwestdatarecovery.com, 312 907 2100 or 866 786 2595

More Resources

Unable to open RSS Feed $XMLfilename with error HTTP ERROR: 404, exiting

More Data Recovery Information:

Related Articles

3 Ways Computers Can Hurt Your Ministry - Part 1 - Ineffective Data Backups
Our computers have become almost indispensable ministry tools. What would you do if the worst happened and you had to function without your computers? Would your ministry survive?This article is the first in a 3-part series on how to protect your ministry from serious computer-related loss.
Data Recovery The Easy Way
If you aren't prepared in advance, you will most likely have to use a data recovery service or data recovery software solution to help get back as much as you can of what was lost. This can be a very good idea if there is no other way to recover your files, but it doesn't have to come to that in most cases.
Hard Drive Crash? The Essential Data Recovery Report
Your worst nightmare just became a horrifying reality. You keep hearing that little voice in your head mockingly shout "you should have backed that stuff up" The voice keeps echoing throughout your head as you perform a quick inventory all of the important information that you just lost?.
3 Simple Steps To Organize Your Critical Online Home Based Business Directory
If You are running an Online Work at home Business it is very critical that you create a well organized directory structure. The Obvious advantage of an organized Directory structure is it makes it easy to find what you need.
I Lost It! Simple Guide To Recovering Corrupted Images And Files
WinUndeletehttp://www.deprice.
5 RAID Data Recovery Prevention Tips
If you have spent the time to increase your computer'sperformance by setting up a hardware RAID array, you owe it toyourself to invest a little extra time and effort in maintainingthe hard disks in your setup. Following these tips will helplimit the need for data disaster recovery in the future.
Avoiding Hard Disk Data Recovery Services
As a home computer owner, one of the greatest threats to yourinformation and to your wallet, is hard disk failure. When yourdrive crashes, you will quicky realize how valuable theinformation you can no longer access is.
5 Simple Tips to Prevent MS Access Database Corruption
It's important to understand that any time an Access client disconnects unexpectedly, it may set a "corruption flag" in the .mdb file indicating that the database is in a corrupt state (regardless of whether any data has actually been corrupted or not).
Data Recovery Processes
Six months ago my computer crashed. When I turned my computer on it would not load Windows XP and so I could not get into my two hard drive files.
Backup 101 - How To Pick The Right Backup Software
Vision Backuphttp://www.deprice.
Computer Data Backup - Data Backup Solution Will Give You A Peace Of Mind
Imagine that you have been working on a file for the entire day and there was a power surge that caused your computer to 'black out'. It would have been a frustrating experience for us as we had put in a lot of time and effort into it.
Business Continuity and Disaster Recovery - The Business Continuity and Disaster Recovery Plan
Essentially, the plan addresses the who, what, where, why and when of recovery. Goal number one is to reduce the risk profile of the business.
Do I Really Need To Backup?
Okay, computers a machine, right? Okay, maybe not yours. Youhave this special relationship, but that a subject foranother article.
How To Use Spyware Elimination Software
Spyware elimination software is designed to detect andeliminate spyware. A large number of spyware eliminationsoftware products are available.
Are The Words Business Continuity and Disaster Recovery Planning Rolling Off Your Lips?
It might be more fun to talk about those free online business cards that are saving the company money, or those nifty designer business checks that are helping to solidif your branding efforts at the next staff meeting, but what really should be rolling off your lips are the words "business continuity and disaster recovery planning". Nothing is more important to a company than having a comprehensive recoveery plan in place prior to when disaster strikes.
Online Data Backups for Newbies
How long have you been doing business online? Whether you are new or an old timer you need to understand the one important truth of the e-world. That being that the largest threat to business survival is data loss.
HasYour Computer Hard Drive Ever Crashed? Are You Challenged by Backups?
The following scenario's have probably been repeated thousands of times, on computer systems of all kinds and sizes, operated by all levels of users from complete novice, to expert user. • You log on and your computer will not boot to your operating system.
Business Continuity and Disaster Recovery - Reducing Your Risk Profile
Like all plans, there is an ultimate goal to achieve. The goal in a business continuity plan is simply that: to continue your business in the face of a disaster or a disruption.
Backup Your Data Or Lose Your Life!
Oh the perils of collecting those precious photos on your PC for years, only to have your hard drive crash one day, and not have made a SINGLE BACKUP COPY of any of your priceless pictures. Well, now is the time to backup your hard drive.
Data Recovery: Beginners Tips
Right now you probably in a lot of mental pain, and all you're concerned about is recovering your data as quickly as possible - so we'll refrain from comments on the wisdom of regular back ups. The time for preventative measures has gone - the issue at hand is data recovery.