Security Management Program and Oversight: Risk Reporting and BIA Flashcards
What is Risk Reporting and BIA?
Description: In this episode, we’ll learn about risk reporting and business-impact analysis (BIA), both typical of risk-management procedures today. This includes an analysis of recovery time objectives (RTOs), recovery point objectives (RPOs), mean time to repair (MTTR), and mean time before failures (MTBF).
As part of risk management, you should be monitoring and revising risks as business conditions change. As part of this, you should engage in updated risk reporting to key stakeholders in your organization, and perhaps outside, too.
What is RTO?
RTO: Presents the amount of time you can “afford” to have systems remain disabled.
What is RPO?
RPO: Presents the point in time you would need to restore to after a risk has been realized.
What is MTTR?
MTTR: Attempts to present the approximate amount of time that a system will take to be repaired.
What is MTBF?
MTBF: Attempts to present the amount of time that will elapse between failures of a device or a system.