This article can also be found in the Premium Editorial Download "Information Security magazine: Symantec 2.0: Evaluating their recent acquisitions."
Download it now to read this article plus other related content.
A business impact analysis can be a manual that helps your company weather disasters.
In IT, the idea of anything shutting down business—even for a day—is terrifying. Downtime costs money, and there are areas of the business that must stay running despite a disaster, natural or man-made. Nevertheless, trying to ensure near-total uptime for every machine and process would bankrupt most companies long before an outage would.
The challenge for IT managers is prioritization: determining which areas of the business must stay operational and which can afford to be down. We know that the company will lose money if revenue-generating areas can't function, but how much money? We know that without access to tools and resources, marketing and human resources are less productive, but how much less productive?
Knowing which areas of the business need to get up and running first after a system goes down can mean the difference between survival and extinction. That's where a business impact analysis (BIA) comes in. Like a survival guide for your business, it lays out which areas are most critical—either because they directly generate revenue or the company depends on them for successful day-to-day operation.
A BIA can also help drive other security functions, such as vulnerability assessment, risk management and incident response. Strategic planning and handling will make your BIA an effective guide to ensure your company
This was first published in November 2006