However, using business impact analysis software is preferable to not performing a risk assessment or business impact analysis at all. When choosing a business impact analysis software package, look for one that provides some flexibility within the functionality. A product might list 70 to 100 threats within an organization, but you need to be able to gauge which ones are appropriate. Perhaps 20 of these threats don't apply to your business, but you may have 10 additional threats that the package doesn't specify. The ability to modify the package to evaluate threats and associated risks is important. Additionally, your organization may have threats that are more applicable in one geographical area and others somewhere else (for example, hurricanes or snow storms). Choose a product that has the flexibility to handle these types of scenarios.
Also, there are some intangibles that must be evaluated -- things that don't have a specific financial impact, but are an integral part of the organization. This concept may get lost in an all inclusive, business impact analysis template format. While performing a business impact analysis, look at dependencies across the board; a process may not seem important on its own, yet it may be critical to a more profitable process further down the line.
Dig Deeper on Disaster recovery planning - management
Related Q&A from Harvey Betan
The hot site vs. cold site debate requires users to understand how each DR site works and the resources needed. While one is more budget-friendly, ... Continue Reading
Learn about the impact of virtualization on your disaster recovery strategy in this expert answer. Continue Reading
Learn about the pros and cons of business impact analysis tools and what should be in your BIA. Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.