Information Security and Risk Managment

  

Task 1

1. Define BIA (Business Impact Analysis)

2. Define BCP (Business Continuity planning)

3. Explain how BIA fits within BCP 

Goal and Purpose of BIA:  

The Main Goal and purpose of BIA are to analyze mission-critical services and business functions. Moreover, it helps to find and prioritize System resources/ Components by mutual relating them to the Critical processes or Services and identify the impact on those services if the System becomes unavailable.

BIA is used to find out impact to quantitative and qualitative process. organization determine five short and long RTO categories. As per there criticality processes and systems are kept in appropriate categories. BIA determines the time frame to restore each process or system to avoid serious organizational impact. for example, data backup should happen as frequently as possible. Recovery point objective should always be determined before any kind of data lost happens. Data restoration and time needed for it should always be considered as function of recovery time objective. 

Task 2 

1. Why do you believe (or don’t believe) reviewing a risk assessment plan is important.

2. What are risk elements; what process/s is/are used to find these risk elements; what role does a cost-benefit analyzes play in evaluating these risk elements?

3. Explain your understanding of a risk mitigation plan. As you recall, this was already partially discussed in week 10. However, for this week, go into the specifics of the plan, to include a narrative on the best practices used.

4. What role those a business impact analysis play in the overall risk management process? Include a discussion on the steps and critical elements a business impact analysis will provide.

5. Discuss your understanding of the benefits that can be derived from a business impact analysis, to include best practices to follow.

Tags: No tags