Expert Advice Community

Guest

BIA ISO 22301

  Quote
Guest
Sam Created:   May 05, 2021 Last commented:   May 07, 2021

BIA ISO 22301

Welcome friends,
I have a problem in BIA analysis. Analyzes an exemplary process: customer service at the financial point - stationary. The process is carried out, for example, in 10 locations in the country. In case of threats related to a specific point, e.g. a fire, only one facility loses. However, in the event of a ransomware attack or a complete failure of our ISP, none of the 10 work. What data related to the interruption of customer service should be taken into account in the analysis? Analyze the entire department or a single stationary service point? Please help!

Tags: BIA
0 0

Assign topic to the user

Assign

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal May 07, 2021

Please note that when performing BIA your focus is on the impact of interruption, considering the worst-case scenario, not on what can cause it.

Considering that, you should perform a BIA considering the interruption of customer service at all service points. During this BIA, you can organize the required resources for recovery according to each individual service point for better understanding of individual needs.

The identification of which risks can cause the interruption is used in another phase of the process (risk assessment, which should not be mixed with BIA), when you define controls to treat relevant risks (e.g., firefighting system, antimalware software, information backup, alternative providers, etc.)

These articles will provide you a further explanation about performing BIA:
- Risk assessment vs. business impact analysis https://advisera.com/27001academy/01academy/emy/ademy/my/knowledgebase/risk-assessment-vs-business-impact-analysis//
- How to implement business impact analysis (BIA) according to ISO 22301 https://advisera.com/27001academy/01academy/emy/ademy/my/knowledgebase/how-to-implement-business-impact-analysis-bia-according-to-iso-22301/
- Five Tips for Successful Business Impact Analysis https://advisera.com/27001academy/01academy/emy/ademy/my/blog/10/06/10/five-tips-for-successful-business-impact-analysis/ 

These materials will also help you regarding BIA:
- Implementing Business Impact Analysis according to ISO 22301 [free webinar on demand] https://advisera.com/27001academy/01academy/emy/ademy/my/webinar/implementing-business-impact-analysis-according-to-iso-22301-free-webinar-on-demand/
- Book Becoming Resilient: The Definitive Guide to ISO 22301 Implementation https://advisera.com/books/becoming-resilient-the-definitive-guide-to-iso-22301-implementation/

Quote
0 1

Comment as guest or Sign in

HTML tags are not allowed

May 05, 2021

May 07, 2021

Suggested Topics