Expert Advice Community

Implementing BIA

Guest user. Created: Apr 26, 2019. Last commented: Apr 26, 2019.

1. I’m starting from your “ISO 27001 – ISO 22301” toolkit to implement the Business Impact Analysis (MAO, RTO & RPO by IT service) for the company. We expect the BIA to focus just on business processes which rely on IT services (such as internet and network connectivity, file server, application server, database server, etc.). However, I find the “BIA_Questionnaire_EN.xlsx” difficult for me to fill in. For example, I’m not sure whether to use one questionnaire for multiple business processes with their corresponding related IT services, or one questionnaire for just one business process and one IT service.

Expert
Rhand Leal Apr 26, 2019

Answer: The Business Impact Analysis related to ISO 22301 focuses not only on IT aspects that may affect a business during disruption, but on every organizational aspect that may impact business (e.g., a disaster hitting most of the staff of a critical process, supplier failure, etc.). Considering that, you should fill in one questionnaire for each activity you consider critical to business, and after that you will have identified all IT services that are essential for those activities, and can proceed with proper treatment.

2. Besides, I tried to access https://www.iso27001standard.com/how-to-implement-business-impact-analysis-according-to-iso-22301-bs-25999 but failed.

Answer: First of all, sorry for this inconvenience. Here is the right link:
- How to implement business impact analysis (BIA) according to ISO 22301 https://advisera.com/27001academy/knowledgebase/how-to-implement-business-impact-analysis-bia-according-to-iso-22301/

3. Would you mind sharing with me a filled-in sample of the enclosed questionnaire for reference? Meanwhile, I have studied your “Becoming resilient – The definitive guide to ISO 22301 implementation” as well. On p. 123, Figure 10 shows an example of a BIA Questionnaire – determining the Maximum Data Loss/RPO. This sample is quite close to what I am looking for. Can it fit into the enclosed questionnaire, or is there another, simpler version of the questionnaire?

Answer: Unfortunately, we do not have such detailed document samples to offer. But included in your toolkit you have access to a tutorial that can help you fill in your BIA, using real data as an example.

Also, the blog post at the corrected link above has an example of how to fill in the BIA.
