Professional Documents
Culture Documents
Business Impact Analysis Template Riskonnect
Business Impact Analysis Template Riskonnect
TEMPLATE
1
© Riskonnect
Business Impact Analysis (BIA) and Risk Assessment Data Gathering Worksheet
Background
Department Name
Department Owner
(Director/Manager)
P&S #1
Products and Services Directly P&S #2
or Indirectly Delivered by This P&S #3
Department P&S #4
P&S #5
Department Overview
The following table captures key department characteristics that may influence the assignment of recovery objectives and the selection of recovery
strategies.
2
© Riskonnect
Business Impact Analysis (BIA) and Risk Assessment Data Gathering Worksheet
3
© Riskonnect
Business Impact Analysis (BIA) and Risk Assessment Data Gathering Worksheet
Critical Records
The following table summarizes the various informational needs necessary to operate – both electronic and hard-copy.
Record / Data Name Description Location Backed Up? Offsite (if yes, list location)
Yes
No
Partial
4
© Riskonnect
Business Impact Analysis (BIA) and Risk Assessment Data Gathering Worksheet
Description
Impact of Loss Probable Impact Estimated Risk Treatment
Role (Responsibilities Existing Controls
Described of Loss Likelihood of Loss Options
and Activity)
Catastrophic Certain
Major Probable
Moderate Possible
Minor Unlikely
5
© Riskonnect
Business Impact Analysis (BIA) and Risk Assessment Data Gathering Worksheet
Existing
Technology Controls Requested
Impact of Estimated Requested
Technology Source Description or Probable Data Loss Risk Treatment
Loss Likelihood RTO
Name (IT, 3rd of Use Manual Impact of Loss Tolerance Options
Described of Loss (hours)
Party, etc.) Work (hours)
Arounds
Catastrophic Certain
Major Probable
Moderate Possible
Minor Unlikely
Existing
Controls Estimated
Supply or Description of Impact of Loss Probable Impact Risk Treatment
Source(s) (Safety Stock, Likelihood of
Service Use Described of Loss Options
Alternate Loss
Supplier, etc.)
Catastrophic Certain
Major Probable
Moderate Possible
Minor Unlikely
6
© Riskonnect
Business Impact Analysis (BIA) and Risk Assessment Data Gathering Worksheet
Recovery Requirements
The following tables summarize various resource requirements and when they are needed following the onset of a
disruptive event.
Total
(needed
Normal Current Work From Day Day Day Week Week Week
Role < Day 1 Day 2 Day 4 by role
Level Location Home* 1 3 5 2 3 4
for
recovery)
Equipment/Supply Requirements
The following table summarized the quantities, offsite availability and recovery requirements for the key equipment and supplies identified above.
Currently
Normal Week Week Week
Resource Available < Day 1 Day 1 Day 2 Day 3 Day 4 Day 5 Total
Level 2 3 4
Off-Site?
Yes
No
7
© Riskonnect
Business Impact Analysis (BIA) and Risk Assessment Data Gathering Worksheet
Ratings Definitions
Estimated Likelihood
Certain: More than one failure Failure is almost inevitable more than once annually.
per year
Probable: Failure once every 1 This process or similar processes have often failed at least once over a two year period.
or 2 years
Possible: Failure once every 3 This process or similar processes have experienced occasional failures, but not in major proportions (no
to 5 years more than every three to five years).
Unlikely: Failure once every 6 Isolated failures associated with similar processes, often occurring once every six or more years.
years or more
Probable Impact
Failure affects safety or involves noncompliance with customer or regulatory requirements. May endanger
Catastrophic personnel. Most likely will result in serious disruption to customer operations and / or other operational,
financial or reputation issues.
High degree of customer dissatisfaction due to the nature of the failure. Failure does not involve safety or
Major government regulation. May result in serious disruption to customer-facing operations and / or other
operational, financial or reputation issues.
Failure causes some customer dissatisfaction which may include discomfort or annoyance. Customer will
Moderate
notice performance issues and deterioration. The event may result in product or service delivery delay.
Due to the nature of this failure, the customer experiences only slight annoyance. Customer will probably
Minor notice slight deterioration of the process or system performance or a slight inconvenience with a subsequent
process, i.e. minor rework.
8
© Riskonnect
Business Impact Analysis (BIA) and Risk Assessment Data Gathering Worksheet
Need help?
More than 2,000 customers across six continents use our unique risk-
correlation technology to gain previously unattainable insights that deliver
better business outcomes. Riskonnect has more than 800 risk management
experts in the Americas, Europe, and Asia.
9
© Riskonnect