Business Impact Analysis (BIA)

Business Impact Analysis (BIA) is an activity within the proces of Business Continuity Planning (BCP).

The goal of a Business Impact Analysis (BIA) process is

A Business Impact Analysis (BIA) examines the potential impacts of disruptions, such as financial losses, reputational damage, regulatory penalties, and operational continuity. The outcomes help to prioritize business activities and resources to enable the resumption of product and service delivery after a (major) disruption¹.

Guidelines and tooling:

Guidelines for business impact analysis ISO 22317
Assessing reputational risks
BIA Workshop
TLP impact matrix
Afhankelijkheid tussen systemen/voorzieningen?
- Resource Breakdown Structure (RBS)
- Fishbone Diagram (Ishikawa/Cause and Effect): Useful for identifying root causes of dependencies and resource constraints in processes.

ISO 27001 Controls:

5.29: Information security during disruption
5.30: ICT readiness for business continuity
5.9: Inventory of information and other associated assets – regarding assets marked Critical on the Availability aspect

See Disaster Recovery Planning ↩︎

1.8 KiB Raw Blame History Unescape Escape

Business Impact Analysis (BIA)

1.8 KiB

Raw Blame History