Business Impact Analysis 5.2 Flashcards

1
Q

Mean Time to Restore (MTTR)

A

When a hardware or software system fails, this is the average time to restore the system.

MTTR = (total downtime) / (number of breakdowns)

2
Q

Mean Time to Failure (MTTF)

A

This is the expected lifetime of a non-repairable product or system.

MTTF/MTBF = ∑ (start of downtime - start of uptime) / number of failures

3
Q

Mean Time Between Failure (MTBF)

A

This is a prediction of how much time we can expect between failures.

MTTF/MTBF = ∑ (start of downtime - start of uptime) / number of failures

4
Q

Recovery Time Objectives (RTO)

A

The recovery time needed to get everything back up and running to a particular service level.

5
Q

Recovery Point Objective (RPO)

A

How much data loss is acceptable? At what point in the recovery process have you brought the system back to a given point?

6
Q

Calculating Uptime and Availability

A

This is expressed as a percentage over time. You will hear the term “five nines”, which means 99.999% availability. “Availability” is a negotiated definition, especially if it’s part of your bonus.

Availability = MTBF / (MTBF + MTTR)

7
Q

Mission-Essential Functions

A

If a disaster occurred, what functions would be essential to the org? That is where you begin your analysis. These are broad business requirements. What computing systems are required for these mission-essential business functions? Identify the critical systems.

8
Q

Removing Single Points of Failure

A

A single event can ruin your day. You can plan backups to prevent this. Backup power, secondary routers, even backup people. There is no practical way to remove all points of failure. Money drives redundancy.

9
Q

Impact

A

Life - The most important consideration is people's lives, first and foremost.

Property - The risk to buildings and assets

Safety - Some environments are too dangerous to work

Finance - The resulting financial cost

Reputation - An event can cause status or character problems.

10
Q

Privacy Compliance

A

Some compliance requires a public privacy statement. The Gramm-Leach-Bliley Act requires financial disclosure, HIPAA for healthcare. You need to conduct a Privacy Threshold Analysis (PTA). Identify which business processes are privacy-sensitive. Determine if a Privacy Impact Assessment (PIA) is required.

11
Q

Privacy Impact Assessment (PIA)

A

Ensures compliance with privacy laws and regs. What Personally Identifiable Info (PII) is collected and why? How will that PII be collected, used, and secured?

12
Q

Privacy Threshold Analysis (PTA)

A

The first step in the compliance process. Identify business processes that are privacy-sensitive. Determines if a privacy impact assessment is required.
