Login Signup
Verified Document

Bia Stakeholder Analysis Business Impact Assessment And Essay

Related Topics:
Stakeholders Process Analysis Contingency Plan Business Intelligence
Open Document Cite Document

BIA Stakeholder Analysis

Business Impact Assessment and disaster management

A business impact assessment (BIA) is designed to evaluate the impact of a disaster upon the functioning of the organization and ideally, determine ways for the organization to remain operational, even during the stressors of a full-blown attack on its informational systems or a widespread catastrophe like a national disaster. "BIA report quantifies the importance of business components and suggests appropriate fund allocation for measures to protect them. The possibilities of failures are likely to be assessed in terms of their impacts on safety, finances, marketing, legal compliance, and quality assurance. Where possible, impact is expressed monetarily for purposes of comparison. For example, a business may spend three times as much on marketing in the wake of a disaster to rebuild customer confidence" than it did before the catastrophe (BIA, 2013, Search Storage). Another definition of a BIA is "to identify the organization's mandate and critical services or products; rank the order of priority of services or products for continuous delivery or rapid recovery; and identify internal and external impacts of disruptions" (A guide to business continuity planning, 2013, Public Safety). Prioritization is thus another critical component of BIA: not every situation can be planned for nor can every risk be perfectly controlled, but through prioritization and the determination what are mission-critical components of the organization, it can be assured that the organization can continue to function and offer necessary services within the least possible number of disruptions (BIA, 2013, FEMA).

One of the first steps is thus component priority, determining which components are most important for the business to function (Johnson 2010: 278). The second step is component reliance, which means, of these important components, which ones are critical because of the interrelation between those components and others necessary to do business (Johnson 2010: 278). Functions, dependencies, and the human intelligence required to fulfill...

A BIA takes into consideration risk exposure (likelihood of risk) and the damage that risk could entail. For example, a tornado might be an extremely impactful risk for a mid-Atlantic state like NJ, but lower in likelihood than a Midwestern state such as Kansas. There must be a prioritization of risks, threats, and vulnerabilities (Johnson 2010: 278-279). All are equally important yet critically different components of the BIA. "Once all relevant information has been collected and assembled, rankings for the critical business services or products can be produced. Ranking is based on the potential loss of revenue, time of recovery and severity of impact a disruption would cause. Minimum service levels and maximum allowable downtimes are then determined" (A guide to business continuity planning, 2013, Public Safety).
Approaches to dealing with risk include risk avoidance, risk management, risk acceptance, and risk transference. Although all strategies are likely to be included, they will vary from organization to organization and scenario to scenario. Yet while a variety of coping strategies are afforded to the organization, the ultimate ideal is prevention. To prevent damage to an organization, continual screening is demanded. For example, to determine the resources needed to cope with a threat to the IT system, a vulnerability assessment might simulate a firewall attack, to see if the system can withstand such an impingement. Then, once the vulnerabilities are determined the system designers attempts to rectify them -- but given that complete prevention is not possible, there must also be contingency plans in place to determine what to do if the system is broached. "The assessment must also address the cost to business and the cost of remediation" (Johnson 2010: 282).

Then, the financial costs to the business of various risks may be determined. For example, a common threat to a business is a power failure. For some businesses, being 'offline' for a few hours might not be catastrophic;…

Continue Reading...
Sources used in this document:
References

Business Impact Analysis (BIA). (2013). FEMA. Retrieved:

http://www.ready.gov/business-impact-analysis

Business Impact Analysis (BIA). (2013). Search Storage. Retrieved:

http://searchstorage.techtarget.com/definition/business-impact-analysis
http://www.publicsafety.gc.ca/prg/em/gds/bcp-eng.aspx
Cite this Document:
Copy Bibliography Citation

Related Documents

Essay
Computer Security: Corporate Security Documentation Suitable for
Words: 5280 Length: 19 Document Type: Essay

Computer Security: Corporate Security Documentation Suitable for a Large Corporation Item (I) in-Depth Defense Measures (II) Firewall Design (III) Intrusion Detection System (IV) Operating System Security (V) Database Security (VI) Corporate Contingency of Operation (VII) Corporate Disaster Recovery Plan (VIII) Team Members and Roles of Each (IX) Timeline with Goal Description (X) Data Schema (XI) Graphical Interface Design (XII) Testing Plan (XIII) Support Plan (XIV) Schematics Computer Security: Corporate Security Documentation Suitable for a Large Corporation (I) In-Depth Defense Measures Information Technology (IT) Acceptable Use Policy The intentions of

Read More
Essay
Information Security Evaluation for OSI Systems a Case Study
Words: 4698 Length: 10 Document Type: Case Study

OSIIT An analysis of IT policy transformation The aim of this project is to evaluate the effectiveness of information security policy in the context of an organization, OSI Systems, Inc. With presence in Africa, Australia, Canada, England, Malaysia and the United States, OSI Systems, Inc. is a worldwide company based in California that develops and markets security and inspection systems such as airport security X-ray machines and metal detectors, medical monitoring anesthesia

Read More
Essay
Analyzing Continuity of Operations
Words: 1534 Length: 5 Document Type: Essay

Operations Outline the major risks associated with maintaining continuity of operations in the event of an environmental catastrophe. The Chief Operating Officer Berwick Hospital System Risks Linked to Environmental Disaster The Berwick Hospital System identified some susceptibilities common to hospitals in Louisiana that experienced the Rita and Katrina calamities. For minimizing the harm, we may suffer in case an environmental disaster strikes, I have encapsulated within this memo a few potential risks linked to

Read More

Sign Up for Unlimited Study Help

Our semester plans gives you unlimited, unrestricted access to our entire library of resources —writing tools, guides, example essays, tutorials, class notes, and more.

Get Started Now