Physical assets are not the only important consideration in BIA analysis. The se
ID: 469997 • Letter: P
Question
Physical assets are not the only important consideration in BIA analysis. The security of information is also essential in a complete plan for adequate risk management. Complete the following assignment: Select an organization and discuss what type of information should be protected in a BIA plan. How would you ensure protection of the confidentiality of such information and prevent its loss?
I need a original source not used before and not copied , please answer in wordformat not attachment thanks.
Any organization can be picked this can be googled.
Explanation / Answer
Business Impact Analysis and its importance for business continuity/ Need to secure Information as well
The purpose of the business impact analysis (BIA) is to identify and analyse business units, cell, departments and business processes related to business operations are essential or key processes related to survival and growth of business activities. BIA analysis ensures how quickly key business units and processes are continued to full operation in disaster situation or under circumstances of risks occurred during operations and executions. It will include to identify the resources in terms of hardware, software, manpower are required to resume business operations and maintain business continuity. It is not only maintaining and considering only physical infrastructure as security or confidentiality of information is also required to be considered and protected in BIA plan as well as implement mechanism to secure critical information of business activities.
Information system and impact of MIS in business/ Advantage of information system for business/ why it is required considered in BIA
MIS helps an Organisation to enhance their business value and assists all level of management like Top or Middle level managers to formulate strategies to have competition edge. In today’s era information and management of it is key aspect for every decision taken in an organization. Management can be considered as efficient and powerful if relevant and reliable information are available on regular basis with accuracy. It is inevitable task for manager to develop MIS for effective reporting system in order to use for future planning, forecasting, controlling and execution of business processes.
Example: Delight core Technologies Ltd (IT service provider)
Delight core Technologies Limited is Information Technology Products and Software Solutions provider Company headquartered in Australia with a vision of customer satisfaction. It is major service provider in IT domain with expertise in IP-based technologies having offices over 50 countries to provide business solutions in IT market.
Type of information should be protected in a BIA plan/ ensure protection of the confidentiality of such information and prevent its loss
Database servers / email servers/ hosting servers/web servers
Backup plan for servers
It is risk for when a business when interruption in operation or in client services happens, companies calculate and find recovery plan to balance out the cost of the disaster recovery, and damage control and protect their operations. There should be backup plan for servers
Determine Impacts and downtime of system
Here company has defined measures for Impact categories of risk or disaster and values to characterize levels of severity and priority in organization based on level of significance and time to resolve in order to continue business activities. .
The following impact categories represent criticality of consideration in the event of a disruption or impact.
Impact category: IT system recovery
Impact values for assessment
Example impact category = Incurred Cost in failure of system at client location
BIA plan must include system recovery with Estimated Downtime
Companies are using following mechanism to ensure protection and confidentiality information