Top five business impact assessment considerations

What are the five most important things to consider when conducting business impact assessments?

    Requires Free Membership to View

The assessment must be approached from a business perspective rather than an IT perspective:

  1. Identify the key services a company provides. These can be internal services such as payroll and inventory or external services such as production, sales and transaction processing.
  2. Identify the tools used to provide those key services. These tools, also known as dependencies, can be a process, staff, a phone system, an application, etc.
  3. Determine the maximum length of time a key service can be interrupted before the company starts incurring financial losses or is impacted in other ways. This will dictate the service's resumption or recovery objective. We can now start drawing a parallel between the recovery objective for a service and the recovery objective for the application(s) on which the service depends; this becomes the recovery time objective (RTO).
  4. The impact, financial or otherwise, must be quantified or rated in order to rank criticality and recovery priority.
  5. Use the output of the risk assessment in conjunction with the business impact assessment to determine the appropriate risk mitigation or recovery strategy.

This was first published in August 2012

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: