Business Impact Analysis Flashcards
Business Impact Analysis
payment processing systems
customer/patient records
Prioritize mission-critical processes
Business Impact Analysis
identify sensitive data
identify single point of failure
identify security controls and compliance
Assess Risk
Business Impact Analysis
Fines
Loss of contracts
Financial
Business Impact Analysis
Loss of this
Reputation
Business Impact Analysis
Breach notification
escalation requirements
exfiltration
Data loss
Business Impact Analysis
Failed Component Impact
average time between repairable component failures
software patching
Mean Time Between Failures (MTBF)
Business Impact Analysis
Failed Component Impact
Average time between NON-repairable component failures
Hard disks
switches
routers
Mean Time To Failure (MTTF)
Business Impact Analysis
Failed Component Impact
Time required to repair a failed component
Mean Time To Repair (MTTR)
Business Impact Analysis
Locating Critical Resources
Where is our sensitive data?
Data discovery and classification
Business Impact Analysis
Locating Critical Resources
First step before implementing solutions related to sensitive data
Privacy Threshold Assessment (PTA)
Business Impact Analysis
Locating Critical Resources
Privacy Impact Assessment (PIA)
Regulatory Compliance
Impact on sensitive data
Business Impact Analysis
Maximum tolerable amount of data loss
directly related to backup frequency
Recovery Point Objective (RPO)
Business Impact Analysis
maximum tolerable amount of downtime
return systems and data to usable state
Recovery Time Objective (RTO)
Business Impact Analysis
identifies how negative incidents will impact business processes and sensitive data
BIA
Business Impact Analysis
Related to the impact of failed components
MTBF
MTTF
MTTR