Lab #7: Assessment Worksheet
Part A – Perform a Business Impact Analysis for an IT Infrastructure
Course Name:
Student Name:
Instructor Name:
Lab Due Date:
Overview
When performing a BIA, you are trying to assess and align the affected IT systems, applications, and
resources to their required recovery time objectives (RTOs). The prioritization of the identified
mission-critical business functions will define what IT systems, applications, and resources are impacted. The
RTO will drive what kind of business continuity and recovery steps are needed to maintain IT operations
within the specified time frames.
1. Perform a BIA assessment and fill in the following chart:
Business Function or Process | Business Impact Factor | Recovery Time Objective | IT Systems/Apps Infrastructure Impacts
Internal and external voice communications with customers in real-time | | |
Internal and external e-mail communications with customers via store and forward messaging | | |
DNS – for internal and external IP communications | | |
Internet connectivity for e-mail and store and forward customer service | | |
Self-service website for customer access to information and personal account information | | |
e-Commerce site for online customer purchases or scheduling 24x7x365 | | |
Payroll and human resources for employees | | |
Real-time customer service via website, e-mail, or telephone requires CRM | | |
Network management and technical support | | |
Marketing and events | | |
Sales orders or customer/student registration | | |
Remote branch office sales order entry to headquarters | | |
Voice and e-mail communications to remote branches | | |
Accounting and finance support: Accts payable, Accts receivable, etc. | | |
Part B – Craft a Business Impact Analysis Executive Summary
Craft a BIA executive summary that follows this structure and format:
a. Goals and purpose of the BIA – unique to your scenario
b. Summary of Findings – business functions and assessment
c. Prioritizations – critical, major, and minor classifications
d. IT systems and applications impacted – to support the defined recovery time objectives
Lab #7: Assessment Worksheet
Perform a Business Impact Analysis for an IT Infrastructure
Overview
After completing your BIA report for your scenario and IT infrastructure, answer the following Lab #7 –
Assessment Worksheet questions. These questions are specific to the BIA you performed for your
scenario and IT infrastructure. Justify your answers where needed.
Lab Assessment Questions
1. What is the goal and purpose of a BIA?
2. Why is a business impact analysis (BIA) an important first step in defining a business continuity plan
(BCP)?
3. How do risk management and risk assessment relate to a business impact analysis for an IT
infrastructure?
4. What is the definition of Recovery Time Objective (RTO)? Why is this important to define in an IT
Security Policy Definition as part of the Business Impact Analysis (BIA) or Business Continuity Plan
(BCP)?
5. True or False - If the Recovery Point Objective (RPO) metric does not equal the Recovery Time
Objective (RTO), you may potentially lose data or not have data backed-up to recover. This
represents a gap in potential lost or unrecoverable data.
6. If you have an RPO of 0 hours – what does that mean?
7. What must you explain to executive management when defining RTO and RPO objectives for the
BIA?
8. What questions do you have for executive management in order to finalize your BIA?
9. Why do customer service business functions typically have a short RTO and RPO maximum
allowable time objective?
10. In order to craft back-up and recovery procedures, you need to review the IT systems, hardware,
software, and communications infrastructure needed to support business operations and functions, and
define how to maximize availability. This alignment of IT systems and components must be based on
business operations, functions, and prioritizations. This prioritization is usually the result of a risk
assessment and how those risks, threats, and vulnerabilities impact business operations and functions.
What is the proper sequence of development and implementation for the following plans?
Business Continuity Plan:
Disaster Recovery Plan:
Risk Management Plan:
Business Impact Analysis: