Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
44 Cards in this Set
- Front
- Back
Identify knowledgeable people in each functional acra to act as _____ in the BIA process
|
representatives
|
|
Identify business functions
|
people
technology facilities |
|
____ ____ ____ is the identification of the effect on the orginization of the risks to it, should they occur
|
Business Impact Analysis
|
|
What are three acceptable methods of collecting data for a Business Impact Analysis
|
Questionaiires
Interviews Workshops |
|
Processes used in the business that must go right every time to be successful
|
Critical success factors
|
|
Seeks to ensure that mission critical activities are maintained during a crisis
|
Business Continuity Management
|
|
Typical Business Processes
|
Process customer orders
Support Installed products Measeure product quality |
|
Key critical success factors
|
Best in class quality
New products that satisfy market needs Excellent suppliers Motivated skilled workers |
|
Profit activities may be divided into three categories
|
creators - core
supporters - support dissipaters - discretionary |
|
Pareto Principle
|
80%
20% |
|
____________ may be designed to help identify the value that flows through particular process, equipment, facilities, or people
|
Questionaiares
|
|
What are some issues with using questionaires
|
Completion rate is low
Mmay be unrepresentitive Misinterpretion Everybody's function is important |
|
When creating an interview what is important to consider?
|
structured format
|
|
Who should be interviewed
|
Mix of grades - senior, mid level, and junior
|
|
What are considerations when using a workshop methold of collecting data?
|
Need clear agenda
Identify appropriate level of participation Have a facilitator |
|
BIA consideration for potential loss of assets
|
key personnel, physical assets, information assets, intangiable assets including market share and reputation
|
|
BIA consideration for disruption to the continuity of service and operations
|
When a business ceases to operate a fear arises will it be able to restart? Will customers, suppliers, and investors grow wary?
|
|
BIA consideration Violation of applicable laws or regulations
|
Regulations, missed deadlines, fines can bring unfavorable attention and cast doubt on the leaders
|
|
Financial impact of the distuption
|
cost to rebuild, new marketing efforts required, potential moving costs, cost to hire new employees, replacement costs, legal actions
|
|
Customers and suppliers
|
What would happen to the customers
Supply chain |
|
Public relations and credibility
|
Does the company appear to be mismanaged
|
|
Environmental
|
IS here an environmental damage caused by the event, consider the Valdez
|
|
Operational
|
What impact does it have on production? Will it impact the ability to procuce goods and services
|
|
Personnel
|
Is life or safety affected? Will the employees feel we are caring
|
|
Backlog created by the event
|
After the event the backlog will increase
|
|
Quantitative
|
Counting
|
|
Property loss
Revenue loss Fines Cash flow and prevention of credit lines legial liability Human resources |
Quantitative
|
|
Human resources
Morale Confidence Legal Socal and corporate image |
Qualitative
|
|
Qualitative
|
Expert opinion
|
|
creepng disaster
|
not a sudden event but a slow deteriationinto disaster over a period of time
|
|
Financial loss could include
|
Brand image recovery
Loss of share value Loss of control ver debetors |
|
Cause of financial loss
|
Cost to replace equipment
Cost of replacing software Salaries paid to staff, unbillable work |
|
What vial records must be considered?
|
Paper records
Personnel records Finance records, AR, AP, contracts, code and supplier lists, credit files Diagrams, manuals, Customer contact data; homegrown databases |
|
BIA Points scoring
|
Assigning a value, for example from 1 to 5 for the probability of occurance of an events occurance
|
|
Annualized Cash scorong
|
Using local statistics, either from emergency planners or from insurers to identify the likihood of event occuring
For example if 1 in 15 chance of event occuring, and building valued at $45m divide $45m/15y = $3m |
|
Alphabetic rating
|
Using letters rather than numbers to score risk probability
|
|
MAO
|
Maximum Acceptable Outage
|
|
We need to understand the cumulative losses each minute, hour, day to the point at which loss becomes unsustainable
|
Recovery window
|
|
Losses may not be a straight line
|
They may accumulate gradually then suddenly become exponential, This could result if there is a quality issue or maybe a software bug
|
|
Service Level Agreement
|
Define the minimum accecptable qualit of service to the customer, the minimum requirement that meets the customers needs
|
|
Generally after a disaster ____ capacity is required than during normal operations
|
More, Typically the cumulative workload is underestimated and many critical processes may have peaks. More capacity is required in terms of operational equipment, computing capacity, and telephony
|
|
Generally after a disaster resource requirements are ____ estimated
|
They are generally over estimated, for example is it reasonale to expect to have 250 people to man PC's in 8 hours after a disaster. Usually company's will oversubscribe to resources
|
|
What is the third Knowledge area in Business Continuity?
|
Business Impact Analysis
|
|
What knowledge areas come before this?
|
1. Project Initiation
2. Risk Evaluation |