This BIA Plan template can be used by any organization. Refer to other packages for additional supporting documents for a complete Enterprise wide Business Impact Analysis.
Cost: $90
Buy Now
Final BIA Executive Management Report Templates w/ Charts
Objectives
The intent of the Business Impact Analysis (BIA) was to help our organization identify which business units, operations and processes are crucial to the survival of the business. The BIA has identified the time frames in which essential business operations must be restored to full functionality following a disruptive event. It has defined the business impact of not performing critical business operations based on a worst-case scenario. The BIA has also identified the resources required to resume business operations to a functioning level.
A worst-case scenario assumes that the physical infrastructure supporting each respective business unit has been destroyed and all records, equipment, etc are not accessible within 30 days.
The objectives for this BIA were:
- Estimate the financial, customer/operation, and legal/regulatory impacts for each major business unit, assuming a worst-case scenario
- Determine the estimated number of personnel required for recovery operations
- Identify the critical business functions, business unit processes and the estimated Recovery Time Objective (RTO) for each business unit.
- Provide a foundation for implementing Contingency Plans for HIPAA Security Rule 164.308 (a) (7) compliancy.
The RTO is the maximum allowable time a process can be inoperative following an outage / disruptive event.
These timeframes may have to be re-evaluated to meet the requirements of the Technology capabilities. If the capabilities of technology do not meet the requirements of the business unit, a gap exists. These gaps must be mitigated to prevent extended outages and impact to your organization.
Table of Contents:Executive BIA Finding Report
EXECUTIVE OVERVIEW
Objectives
Scope
Approach
Department Responses and Findings
BUSINESS UNIT RESULTS
SUMMARY OF FINDINGS
Combined Financial Impact
Combined Customer/Operational Impact
Combined Legal and/or Regulatory Impact
Recovery Personnel Requirements
Recovery Time Objectives for Business Processes
Manual Work-Around Processes
Work Backlog Processing
Recovery Complexity for Business Units
CONCLUSION
APPENDIX
APPENDIX A – BIA QUESTIONNAIRE
APPENDIX B – INDIVIDUAL FULL DEPARTMENT RESPONSES
APPENDIX C – BLANK DEPARTMENT OVERVIEW FORM
APPENDIX D – CUMULATIVE REPORT CHART TEMPLATES
Final Business Unit
Report Template w/ Charts
<Enter Department Name> |
| Location of Department: |
| Participant: |
Date of Report: |
The interview was conducted by <Enter the Name of Person(s) conducting interviews> on <Enter Month, Day, and Year>.
Overview of Business Unit (Department)
The <Enter Department Name> department is responsible for <enter responsibilities, duties, tasks. (Just provide a high level overview of the department). Identify if the department does or does not provide direct patient care.
Business Processes
- <Enter Process Names and put the RTO in ( ) >
- <Enter Process Names and put the RTO in ( ) >
- <Enter Process Names and put the RTO in ( ) >
Electronic Protected Health Information
- <Identify the processes, applications, etc that contain ePHI>
- <Identify the processes, applications, etc that contain ePHI>
Vendors
- <Enter Vendor Name>
- <Enter Vendor Name>
Internal Dependencies
- <Enter Dependency and put RTO in ( ) >
- <Enter Dependency and put RTO in ( ) >
External Dependencies
- <Enter dependency and put RTO in ( ) >
- <Enter dependency and put RTO in ( ) >
Applications
- <Enter applications and put RTO in ( ) >
- <Enter applications and put RTO in ( ) >
To view specific section of this document, please contact us at Sales@training-HIPAA.net or call us at (515) 865-4591.
