Business Impact Analysis Policy

Purpose:

The Business Impact Analysis (BIA) Policy document establishes the activities that need to be carried out by each Business Unit, Technology Unit, and Corporate Units (departments) within the organization.

All departments must utilize this methodology to identify the processes they perform, the required resources to perform those processes, the timeframes in which those processes need to be recovered, any supporting dependencies, resources, facilities, etc, and the potential financial, operational, and legal/regulatory impact for the processes.

TERMINOLOGY
ACCOUNTABILITY
COMPLIANCE
REVISION HISTORY
ENDORSEMENT

I. POLICY OVERVIEW

A. Purpose
B. Scope
C. Ownership Roles & Responsibilities
D. Review Process
E. Reporting Process
F. Update Frequency and Annual Review
G. Approval

II. BIA REQUIREMENTS

A. BIA Completion
B. Business Process Identification
C. Business Process Recovery Time Objective
D. Financial Impact
E. Operational Impact
F. Legal and Regulatory Impact
G. Manual Work-Around Procedures
H. Required Resource

III. BIA RESULTS

A. Overall RTO for Department
B. Communication
C. Retention of BIA Survey

APPENDIX

APPENDIX A: BUSINESS IMPACT ANALYSIS STANDARDS

To view a specific section of this document, please contact us at Bob@training-hipaa.net or call us at (515) 865-4591.

View the Components of the Contingency Plan Templates Suite

Hospital Disaster Recovery & Business Continuity Plan Template Suite

Testimonials

FAQ on Contingency Plan Templates for Business Continuity & Disaster Recovery

View license agreement

To buy individual template packages, visit the following links:

Business Impact Analysis Template Packages

Risk Assessment Template Packages

Data Center Recovery Template Packages

BCP & DRP Template Packages

Business Impact Analysis policy for HIPAA Contingency Plan

Purpose:

Table of Contents