Business Impact Analysis Executive Overview
Objectives
The intent of the Business Impact Analysis (BIA) was to help our organization identify which business units, operations, and processes are crucial to the survival of the business. The BIA has identified when essential business operations must be restored to full functionality following a disruptive event. It has defined the business impact of not performing critical business operations based on a worst-case scenario. The BIA has also identified the resources required to resume business operations to a functioning level.
A worst-case scenario assumes that the physical infrastructure supporting each respective business unit has been destroyed and all records, equipment, etc., are inaccessible within 30 days.
The objectives for this BIA were:
- Estimate the financial, customer/operation, and legal/regulatory impacts for each major business unit, assuming a worst-case scenario
- Determine the estimated number of personnel required for recovery operations
- Identify the critical business functions, business unit processes, and the estimated Recovery Time Objective (RTO) for each business unit.
- Provide a foundation for implementing Contingency Plans for HIPAA Security Rule 164.308 (a) (7) compliance.
The RTO is the maximum allowable time a process can be inoperative following an outage / disruptive event.
These timeframes may have to be re-evaluated to meet the requirements of the Technology capabilities. If the capabilities of technology do not meet the requirements of the business unit, a gap exists. These gaps must be mitigated to prevent extended outages and impact on your organization.
Table of Contents: Executive BIA Finding Report
EXECUTIVE OVERVIEW
- Objectives
- Scope
- Approach
- Department Responses and Findings
BUSINESS UNIT RESULTS
SUMMARY OF FINDINGS
- Combined Financial Impact
- Combined Customer/Operational Impact
- Combined Legal and/or Regulatory Impact
- Recovery Personnel Requirements
- Recovery Time Objectives for Business Processes
- Manual Work-Around Processes
- Work Backlog Processing
- Recovery Complexity for Business Units
CONCLUSION
APPENDIX
APPENDIX A – BIA QUESTIONNAIRE
APPENDIX B – INDIVIDUAL FULL DEPARTMENT RESPONSES
APPENDIX C – BLANK DEPARTMENT OVERVIEW FORM
APPENDIX D – CUMULATIVE REPORT CHART TEMPLATES
To view a specific section of this document, please contact us at Bob@training-hipaa.net or call us at (515) 865-4591.
To buy individual template packages, visit the following links: