cleaning up Sparks

Corpus/Sparks/ISMS/Business Impact Analysis (BIA).md

@@ -0,0 +1,24 @@
+# Business Impact Analysis (BIA)
+
+Business Impact Analysis (BIA) is an activity within the proces of Business Continuity Planning ([BCP](../📚️%20Literature%20notes/BCP_Bedrijfscontinuïteitsplanning.md)).
+
+The goal of a Business Impact Analysis (BIA) process is 
+
+A Business Impact Analysis (BIA) examines the potential impacts of disruptions, such as financial losses, reputational damage, regulatory penalties, and operational continuity.
+The outcomes help to prioritize business activities and resources to enable the resumption of product and service delivery after a (major) disruption[^1].
+
+Guidelines and tooling:
+- [Guidelines for business impact analysis ISO 22317](../../Standards/ISO27x/ISO%2022317%20Guidelines%20for%20business%20impact%20analysis.md)
+- [Assessing reputational risks](../../Various/Assessing%20reputational%20risks.md)
+- [BIA Workshop](../../Standards/ISO27x/Implementation%20Products/BIA%20Workshop.md)
+- [TLP impact matrix](../../Literature%20notes/Traffic%20Light%20Protocol%20TLP.md)
+- Afhankelijkheid tussen systemen/voorzieningen?
+	- Resource Breakdown Structure (RBS)
+	- Fishbone Diagram (Ishikawa/Cause and Effect): Useful for identifying root causes of dependencies and resource constraints in processes.
+
+ISO 27001 Controls:
+- [5.29:](../../MoCs/ISO_27002_2022_5.29_MoC%20Information%20security%20during%20disruption.md) Information security during disruption
+- [5.30:](../../MoCs/ISO_27002_2022_5.30_MoC%20ICT%20readiness%20for%20business%20continuity.md) ICT readiness for business continuity
+- [5.9:](../../MoCs/ISO_27002_2022_5.9_MoC%20Inventory%20of%20information%20and%20other%20associated%20assets.md) Inventory of information and other associated assets – regarding assets marked Critical on the Availability aspect 
+
+[^1]: See [Disaster Recovery Planning](Disaster%20Recovery%20Planning.md)