Managing Risk in Information Systems, 2nd Edition

CHAPTER

Mitigating Risk with a Business Impact Analysis

AN IMPORTANT PART of a business continuity plan (BCP) is a business impact analysis (BIA). The BIA is largely a data collection process. You can gather data through several methods. These include interviews, surveys, meetings, and more. After collecting the data, you can analyze it to identify the critical functions and resources.

Once you’ve identified the critical functions and resources, you can identify acceptable outage times. The maximum acceptable outage (MAO) for a resource drives the recovery objectives. The two primary recovery objectives to focus on are recovery time objectives (RTOs) and recovery point objectives (RPOs).

Chapter 12 Topics

This chapter covers the ...

Get Managing Risk in Information Systems, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Managing Risk in Information Systems, 2nd Edition by Darril Gibson

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly