business impact analysis bia 2

1. What is the goal and purpose of a business impact analysis (BIA)?

2. Why is a business impact analysis (BIA) an important first step in defining a business continuity plan (BCP)?

3. What is the definition of recovery time objective (RTO)? Why is this important to define in an IT Security Policy Definition as part of the business impact analysis (BIA) or business continuity plan (BCP)?

4. How do risk management and risk assessment relate to a business impact analysis (BIA) for an IT


Performing a Business Impact Analysis for a Mock IT Infrastructure

5. True or false: If the recovery point objective (RPO) metric does not equal the recovery time objective (RTO), you can potentially lose data that might not be backed up. This represents a gap in potential lost or unrecoverable data.

6. If you have an RPO of 0 hours, what does that mean?

7. What must you explain to executive management when defining RTO and RPO objectives for the


8. What questions do you have for executive management in order to finalize your BIA?

9. Why do customer service business functions typically have a short RTO and RPO maximum allowable time objective?

10. To write backup and recovery procedures, you need to review the IT systems, hardware, software, and communications infrastructure that supports business operations and functions, and you need to define how to maximize availability. This alignment of IT systems and components must be based on business operations, functions, and prioritizations. This prioritization is usually the result of a risk assessment and how those risks, threats, and vulnerabilities impact business operations and functions. What is the proper sequence of development and implementation for the following plans?

Business Continuity Plan:

Disaster Recovery Plan:

Risk Management Plan:

Business Impact Analysis:

11. How does a BCP help mitigate risk?

12. What kind of risk does a BCP help mitigate?

13. If you have business liability insurance, asset replacement insurance, and natural disaster insurance, do you still need a BCP or disaster recovery plan (DRP)? Why or why not?

14. From your scenario and BIA from the Performing a Business Impact Analysis for a Mock IT Infrastructure lab in this lab manual, what were the mission-critical business functions and operations you identified? Are these the focus of your BCP?

15. What does a BIA help define for a BCP?

16. Who should develop and participate in an organization’s BCP?

17. Why do disaster planning and disaster recovery belong in a BCP?

18. What is the purpose of having documented IT system, application, and data recovery procedures and steps?

19. Why must you include testing of the plan in your BCP?

20. How often should you update your BCP document?

21. In your BCP outline, where will you find a list of prioritized business operations, functions, and


22. In your BCP outline, where will you find detailed backup and system recovery information?

23. In your BCP outline, where will you find a policy definition defining how to engage your BCP due to a major outage or disaster?

24. In your BCP outline, where will you find a policy definition defining the resources that are needed to perform the tasks associated with business continuity or disaster recovery?

25. What is the purpose of testing your BCP and DRP procedures, backups, and recovery steps?

