Business Impact and Risk Assessment
The purpose of a Business Impact and Risk Assessment is to determine the approximate business value of IT assets, to assess the impact the loss of those assets would have on business units, and to assign recovery priorities to the assets.
The Business Impact and Risk Assessment involves seven steps:
- Assess threats and risks.
- Assess data center vulnerabilities.
- Document DRP basics.
- Assign value to IT assets.
- Assign prioritization to assets.
- Determine costs versus risk tradeoff.
- Maintain risk plans.
When a Business Impact and Risk Assessment is completed, you will have a complete list of the risks specific to each IT asset, as well as risk reports and profiles for the business impact analysis. Consider revisiting your Business Impact and Risk Assessment annually.
IT Continuity Planning
Bundle 1 of 3
Business Impact and Risk Assessment FastTrack
|Inventory Corporate Assets||
Corporate Asset Inventory
|Identify Threats/Risks Specific to Assets||
Potential Risk Checklists
|Identify Existing Mitigation||
DRP Operational Analysis
|Summarize the Operational Analysis||
Operational Analysis Summary
|Conduct An Audit of the Data Center||
Data Center Security Audit
Data Center Security Audit (Core)
|Conduct Probability Assessments||
Data Center Risk Probabilities
|Document Business Structure and Key Stakeholders||
Disaster Recovery Planning Workbook
|Plan Against Downtime/Loss of Asset||
|Conduct a Business Impact Analysis||
Risk and Business Impact Analysis Worksheet
Technical Risk Analysis Report
|Prioritize Recovery by Impact to Business Units||
Business Unit Prioritization
|Document Prioritized Recovery List||
Recovery Prioritization Meeting
|Create Asset-Specific Risk Reports||
Asset Risk Report
|Conduct ROI Studies||
Mitigation Project ROI & Prioritization Tool
Return on Security Investment Calculator
|Document, Track, and Manage Risks||
Request Trend and Analysis Tool