SlideShare ist ein Scribd-Unternehmen logo

Business Impact Analysis 【My Continuous Learning】

J
Jerimi Soma

(Remarks) This presentation is not affiliated with any company I have been associated with, either now or in the past. Additionally, no copyrights have been violated. However, I cannot guarantee the accuracy of this information, and it may be subject to updates.

Daten & Analysen
1 von 6
Downloaden Sie, um offline zu lesen
ISO27002: 2022 Information security, cybersecurity and privacy protection — Information security controls Requirement Number 5.30 Ensure the Availability of the organization including 3rd party vendor which is connected to our information assets during disruption. In aspect of that, Conducting BIA (Business Impact Analysis) would be important. BIA (Business Impact Analysis) Date of BIA 2020/MAR/3 Date of BIA 2020/MAR/2 Date of BIA 2020/MAR/2 Location Tokyo, JAPAN Location India Location Hong Kong Date of Review 2020/JUN/3 13:00 (JST) Date of Review 2020/JUN/3 9:30 (IndiaTime) Date of Review 2020/JUN/3 12:00 (HK Time) Data Onwer (Info Owner) Name Sato, Jason Applicateion Owner Name Newf, Swere Risk Owner Name Marry, Jane Department IT Risk department Department xxx Application department Department xxx Application department Role BCP Manager Role Project Manager Role Project Manager BIA Version RA-BIA-v3
Activities and scenarios reviewed Risk Reviewed Function responsible Activity importance Max time to restart Time to normal service Comment Critical service App team Vital 1 24 Failier of system necessary Critical service desired Failier of system necessary Critical service Critial BIA per scenario Impact over time #1 Critical service High Medium Low 1hour 2hour 12hour 24 hour Comment Impact of disruption x H H H H Sales Staff × M H H H Operation Staff × L H H H Procurement staff × L H H H Support team × L H H H Infosec team × L H H H Financial × L H H H Service level × L H H H Customers × H H H H
BIA Summary Activity reviewed #1 Function owned by Activity importance Risk treatment Recovery Sequence Max time to restart (hours) Time to normal service level Comment Shift deployeing planning Critical Acceptance 1 72 7 review of service in schedule Critical Acceptance 2 Critical Business Continuity 3 Critical Business Continuity 4 Activity reviewed #2 Function owned by Activity importance Risk treatment Recovery Sequence Max time to restart (hours) Time to normal service level Comment Shift deployeing planning Critical Acceptance 1 72 7 review of service in schedule 2 Business Continuity 3 Business Continuity 4
Activity name #1 Activity frequency more than hourly activity owner title Date of operation every day Number of FTEs involved hours of operation 8 hours Daily peak details weekly peak details Monthly peak details Annual peak details Activity name #2 Activity frequency more than hourly activity owner title Date of operation every day Number of FTEs involved hours of operation 8 hours Daily peak details weekly peak details Monthly peak details Annual peak details
Dependencies a) Internal Independencies of Activity b) External Interdependencies of Activity Internal Independencies External Independencies Owner Owner Internal Independencies External Independencies Owner Owner Internal Independencies External Independencies Owner Owner Internal Independencies External Independencies Owner Owner People Impact Day1 Day2 Day3 Day4 Day8 Day15 1 month Comments Customer Staff Security Operation Customer service IT Business Impact Day1 Day2 Day3 Day4 Day8 Day15 1 month Comments Financial Service Levels Contractual agreements Reputation Helth and Safety
Resources required to restart activity and reach normal service level Headcount Restart Normal Skill as restart knowledge IT Importance of activity Agreed level of importance of activity of key business services and objectives. Critical Completed by Positions Date Signature Senior Management agreement that the fundings detailed above are a true reflection of the organization Completed by Positions Date Signature Sooma, Jerimi Senor VP 2021/JUL/3 CEO 2021/JUL/3 Mwema, Adsf Impact - Business Function Information How long can the activity operate in manual mode? Are there any written processes/ procedures for operation in manual mode? When were the processes / procedures for operating in manual mode last updated? What additioanl respurces are required for operating in manual mode? In the event of a disruption there will be lost data / transactions. Can they be recovered? How will lost data be recovered? Are there any written processes / procefures for recovering lost data? When were the processes / procedures for recovering list data last updated? What would be the impact if the data cannot be recovered? Does the activity reply on information that is not electronic? (Specify data and media) How will lost (non electronic) information be recovered? What specialised equipment is required to perform the activity? CIO

Empfohlen

SampleDecPkg.ppt
SampleDecPkg.pptSampleDecPkg.ppt
SampleDecPkg.pptCourtney Doutherd
 
KUMAR GAURAV Resume
KUMAR GAURAV ResumeKUMAR GAURAV Resume
KUMAR GAURAV ResumeKumar Gaurav
 
Updated Resume- Bhabajeet_Kakati
Updated Resume- Bhabajeet_KakatiUpdated Resume- Bhabajeet_Kakati
Updated Resume- Bhabajeet_KakatiBhabajeet (9844455918)
 
Updated Resume- Bhabajeet_Kakati
Updated Resume- Bhabajeet_KakatiUpdated Resume- Bhabajeet_Kakati
Updated Resume- Bhabajeet_KakatiBhabajeet (9844455918)
 
1Running Head Business ProjectSection 1 Business Requirement.docx
1Running Head Business ProjectSection 1 Business Requirement.docx1Running Head Business ProjectSection 1 Business Requirement.docx
1Running Head Business ProjectSection 1 Business Requirement.docxfelicidaddinwoodie
 
Improving the Bottom Line - IT Financial Management Best Practices
Improving the Bottom Line - IT Financial Management Best PracticesImproving the Bottom Line - IT Financial Management Best Practices
Improving the Bottom Line - IT Financial Management Best PracticesJeffrey Finkiel
 
Benefits Auditing in Oracle HRMS
Benefits Auditing in Oracle HRMSBenefits Auditing in Oracle HRMS
Benefits Auditing in Oracle HRMSguesta7771aa
 
Inbound MIPR Process
Inbound MIPR ProcessInbound MIPR Process
Inbound MIPR ProcessJames Foster
 

Empfohlen

SampleDecPkg.ppt
SampleDecPkg.pptSampleDecPkg.ppt
SampleDecPkg.pptCourtney Doutherd
 
KUMAR GAURAV Resume
KUMAR GAURAV ResumeKUMAR GAURAV Resume
KUMAR GAURAV ResumeKumar Gaurav
 
Updated Resume- Bhabajeet_Kakati
Updated Resume- Bhabajeet_KakatiUpdated Resume- Bhabajeet_Kakati
Updated Resume- Bhabajeet_KakatiBhabajeet (9844455918)
 
Updated Resume- Bhabajeet_Kakati
Updated Resume- Bhabajeet_KakatiUpdated Resume- Bhabajeet_Kakati
Updated Resume- Bhabajeet_KakatiBhabajeet (9844455918)
 
1Running Head Business ProjectSection 1 Business Requirement.docx
1Running Head Business ProjectSection 1 Business Requirement.docx1Running Head Business ProjectSection 1 Business Requirement.docx
1Running Head Business ProjectSection 1 Business Requirement.docxfelicidaddinwoodie
 
Improving the Bottom Line - IT Financial Management Best Practices
Improving the Bottom Line - IT Financial Management Best PracticesImproving the Bottom Line - IT Financial Management Best Practices
Improving the Bottom Line - IT Financial Management Best PracticesJeffrey Finkiel
 
Benefits Auditing in Oracle HRMS
Benefits Auditing in Oracle HRMSBenefits Auditing in Oracle HRMS
Benefits Auditing in Oracle HRMSguesta7771aa
 
Inbound MIPR Process
Inbound MIPR ProcessInbound MIPR Process
Inbound MIPR ProcessJames Foster
 
Best Practices for the Service Cloud
Best Practices for the Service CloudBest Practices for the Service Cloud
Best Practices for the Service CloudRoss Bauer
 
PDD Template.docx
PDD Template.docxPDD Template.docx
PDD Template.docxVladBucatariu
 
Business Impact Analysis
Business Impact AnalysisBusiness Impact Analysis
Business Impact Analysisdlfrench
 
Cyber Security and Business Continuity an Integrated Discipline
Cyber Security and Business Continuity an Integrated DisciplineCyber Security and Business Continuity an Integrated Discipline
Cyber Security and Business Continuity an Integrated DisciplineGraeme Parker
 
Sample audit plan
Sample audit planSample audit plan
Sample audit planMaher Manan
 
Sapna Resume
Sapna ResumeSapna Resume
Sapna ResumeSapna Ramesh
 
Nintex Workflow for Sharepoint - Return on Investment Whitepaper by Forrester...
Nintex Workflow for Sharepoint - Return on Investment Whitepaper by Forrester...Nintex Workflow for Sharepoint - Return on Investment Whitepaper by Forrester...
Nintex Workflow for Sharepoint - Return on Investment Whitepaper by Forrester...David J Rosenthal
 
Puneet Green Belt(13th feb).pptx
Puneet Green Belt(13th feb).pptxPuneet Green Belt(13th feb).pptx
Puneet Green Belt(13th feb).pptxPuneet Gupta
 
Planning For Long-Term Success Of A Business
Planning For Long-Term Success Of A BusinessPlanning For Long-Term Success Of A Business
Planning For Long-Term Success Of A BusinessLiz Sims
 
SINDHU RESUME RECENT
SINDHU RESUME RECENTSINDHU RESUME RECENT
SINDHU RESUME RECENTSINDHU MOHITHE
 
ExpoGestão 2018 Palestra Peter Walker
ExpoGestão 2018 Palestra Peter WalkerExpoGestão 2018 Palestra Peter Walker
ExpoGestão 2018 Palestra Peter WalkerExpoGestão
 
Ascent overview deck_sep_25_2013
Ascent overview deck_sep_25_2013Ascent overview deck_sep_25_2013
Ascent overview deck_sep_25_2013Bindu Rathore
 
1. Automated Business Process
1. Automated Business Process1. Automated Business Process
1. Automated Business ProcessAshish Desai
 
Disa Itsm V1.3
Disa Itsm V1.3Disa Itsm V1.3
Disa Itsm V1.3djaehnig
 
2010 06 gartner avoiding audit fatigue in nine steps 1d
2010 06 gartner avoiding audit fatigue in nine steps 1d2010 06 gartner avoiding audit fatigue in nine steps 1d
2010 06 gartner avoiding audit fatigue in nine steps 1dGene Kim
 
Developing IT Strategy
Developing IT StrategyDeveloping IT Strategy
Developing IT StrategyMario Navarro
 
Topic 3 Accounting System And Control
Topic 3 Accounting System And ControlTopic 3 Accounting System And Control
Topic 3 Accounting System And Controlmandalina landy
 
Behavioral Safety Leadership in Oil & Gas construction
Behavioral Safety Leadership in Oil & Gas constructionBehavioral Safety Leadership in Oil & Gas construction
Behavioral Safety Leadership in Oil & Gas constructionB-Safe Management Solutions Inc.
 
EIS Amendments CA INTER
EIS Amendments CA INTEREIS Amendments CA INTER
EIS Amendments CA INTERRaj Kumar
 
New Zealand - Data use and frameworks.
New Zealand - Data use and frameworks.New Zealand - Data use and frameworks.
New Zealand - Data use and frameworks.Corporate Registers Forum
 
IRCA ISMS Auditor Certification for Version 2022 (Since 2017)
IRCA ISMS Auditor Certification for Version 2022 (Since 2017)IRCA ISMS Auditor Certification for Version 2022 (Since 2017)
IRCA ISMS Auditor Certification for Version 2022 (Since 2017)Jerimi Soma
 
Another ITIL4 story of a Japanese business hotel
Another ITIL4 story of a Japanese business hotelAnother ITIL4 story of a Japanese business hotel
Another ITIL4 story of a Japanese business hotelJerimi Soma
 

Weitere ähnliche Inhalte

Ähnlich wie Business Impact Analysis 【My Continuous Learning】

Best Practices for the Service Cloud
Best Practices for the Service CloudBest Practices for the Service Cloud
Best Practices for the Service CloudRoss Bauer
 
Business Impact Analysis
Business Impact AnalysisBusiness Impact Analysis
Business Impact Analysisdlfrench
 
Cyber Security and Business Continuity an Integrated Discipline
Cyber Security and Business Continuity an Integrated DisciplineCyber Security and Business Continuity an Integrated Discipline
Cyber Security and Business Continuity an Integrated DisciplineGraeme Parker
 
Sample audit plan
Sample audit planSample audit plan
Sample audit planMaher Manan
 
Nintex Workflow for Sharepoint - Return on Investment Whitepaper by Forrester...
Nintex Workflow for Sharepoint - Return on Investment Whitepaper by Forrester...Nintex Workflow for Sharepoint - Return on Investment Whitepaper by Forrester...
Nintex Workflow for Sharepoint - Return on Investment Whitepaper by Forrester...David J Rosenthal
 
Puneet Green Belt(13th feb).pptx
Puneet Green Belt(13th feb).pptxPuneet Green Belt(13th feb).pptx
Puneet Green Belt(13th feb).pptxPuneet Gupta
 
Planning For Long-Term Success Of A Business
Planning For Long-Term Success Of A BusinessPlanning For Long-Term Success Of A Business
Planning For Long-Term Success Of A BusinessLiz Sims
 
ExpoGestão 2018 Palestra Peter Walker
ExpoGestão 2018 Palestra Peter WalkerExpoGestão 2018 Palestra Peter Walker
ExpoGestão 2018 Palestra Peter WalkerExpoGestão
 
Ascent overview deck_sep_25_2013
Ascent overview deck_sep_25_2013Ascent overview deck_sep_25_2013
Ascent overview deck_sep_25_2013Bindu Rathore
 
1. Automated Business Process
1. Automated Business Process1. Automated Business Process
1. Automated Business ProcessAshish Desai
 
Disa Itsm V1.3
Disa Itsm V1.3Disa Itsm V1.3
Disa Itsm V1.3djaehnig
 
2010 06 gartner avoiding audit fatigue in nine steps 1d
2010 06 gartner avoiding audit fatigue in nine steps 1d2010 06 gartner avoiding audit fatigue in nine steps 1d
2010 06 gartner avoiding audit fatigue in nine steps 1dGene Kim
 
Developing IT Strategy
Developing IT StrategyDeveloping IT Strategy
Developing IT StrategyMario Navarro
 
Topic 3 Accounting System And Control
Topic 3 Accounting System And ControlTopic 3 Accounting System And Control
Topic 3 Accounting System And Controlmandalina landy
 
EIS Amendments CA INTER
EIS Amendments CA INTEREIS Amendments CA INTER
EIS Amendments CA INTERRaj Kumar
 

Ähnlich wie Business Impact Analysis 【My Continuous Learning】 (20)

Best Practices for the Service Cloud
Best Practices for the Service CloudBest Practices for the Service Cloud
Best Practices for the Service Cloud
 
PDD Template.docx
PDD Template.docxPDD Template.docx
PDD Template.docx
 
Business Impact Analysis
Business Impact AnalysisBusiness Impact Analysis
Business Impact Analysis
 
Cyber Security and Business Continuity an Integrated Discipline
Cyber Security and Business Continuity an Integrated DisciplineCyber Security and Business Continuity an Integrated Discipline
Cyber Security and Business Continuity an Integrated Discipline
 
Sample audit plan
Sample audit planSample audit plan
Sample audit plan
 
Sapna Resume
Sapna ResumeSapna Resume
Sapna Resume
 
Nintex Workflow for Sharepoint - Return on Investment Whitepaper by Forrester...
Nintex Workflow for Sharepoint - Return on Investment Whitepaper by Forrester...Nintex Workflow for Sharepoint - Return on Investment Whitepaper by Forrester...
Nintex Workflow for Sharepoint - Return on Investment Whitepaper by Forrester...
 
Puneet Green Belt(13th feb).pptx
Puneet Green Belt(13th feb).pptxPuneet Green Belt(13th feb).pptx
Puneet Green Belt(13th feb).pptx
 
Planning For Long-Term Success Of A Business
Planning For Long-Term Success Of A BusinessPlanning For Long-Term Success Of A Business
Planning For Long-Term Success Of A Business
 
SINDHU RESUME RECENT
SINDHU RESUME RECENTSINDHU RESUME RECENT
SINDHU RESUME RECENT
 
ExpoGestão 2018 Palestra Peter Walker
ExpoGestão 2018 Palestra Peter WalkerExpoGestão 2018 Palestra Peter Walker
ExpoGestão 2018 Palestra Peter Walker
 
Ascent overview deck_sep_25_2013
Ascent overview deck_sep_25_2013Ascent overview deck_sep_25_2013
Ascent overview deck_sep_25_2013
 
1. Automated Business Process
1. Automated Business Process1. Automated Business Process
1. Automated Business Process
 
Disa Itsm V1.3
Disa Itsm V1.3Disa Itsm V1.3
Disa Itsm V1.3
 
2010 06 gartner avoiding audit fatigue in nine steps 1d
2010 06 gartner avoiding audit fatigue in nine steps 1d2010 06 gartner avoiding audit fatigue in nine steps 1d
2010 06 gartner avoiding audit fatigue in nine steps 1d
 
Developing IT Strategy
Developing IT StrategyDeveloping IT Strategy
Developing IT Strategy
 
Topic 3 Accounting System And Control
Topic 3 Accounting System And ControlTopic 3 Accounting System And Control
Topic 3 Accounting System And Control
 
Behavioral Safety Leadership in Oil & Gas construction
Behavioral Safety Leadership in Oil & Gas constructionBehavioral Safety Leadership in Oil & Gas construction
Behavioral Safety Leadership in Oil & Gas construction
 
EIS Amendments CA INTER
EIS Amendments CA INTEREIS Amendments CA INTER
EIS Amendments CA INTER
 
New Zealand - Data use and frameworks.
New Zealand - Data use and frameworks.New Zealand - Data use and frameworks.
New Zealand - Data use and frameworks.
 

Mehr von Jerimi Soma

IRCA ISMS Auditor Certification for Version 2022 (Since 2017)
IRCA ISMS Auditor Certification for Version 2022 (Since 2017)IRCA ISMS Auditor Certification for Version 2022 (Since 2017)
IRCA ISMS Auditor Certification for Version 2022 (Since 2017)Jerimi Soma
 
Another ITIL4 story of a Japanese business hotel
Another ITIL4 story of a Japanese business hotelAnother ITIL4 story of a Japanese business hotel
Another ITIL4 story of a Japanese business hotelJerimi Soma
 
Japan Data Privacy Auditor Certification (Since Jan. 2021)
Japan Data Privacy Auditor Certification (Since Jan. 2021)Japan Data Privacy Auditor Certification (Since Jan. 2021)
Japan Data Privacy Auditor Certification (Since Jan. 2021)Jerimi Soma
 
ITILv3 /2011 Edition Case Study
ITILv3 /2011 Edition Case StudyITILv3 /2011 Edition Case Study
ITILv3 /2011 Edition Case StudyJerimi Soma
 
ITIL4 Managing Professtioal
ITIL4 Managing ProfesstioalITIL4 Managing Professtioal
ITIL4 Managing ProfesstioalJerimi Soma
 
JRCA ISO27017 Cloud Security Training & Exam
JRCA ISO27017 Cloud Security Training & ExamJRCA ISO27017 Cloud Security Training & Exam
JRCA ISO27017 Cloud Security Training & ExamJerimi Soma
 
ITIL v2011 Expert 6 exams
ITIL v2011 Expert 6 examsITIL v2011 Expert 6 exams
ITIL v2011 Expert 6 examsJerimi Soma
 
QSA training & exam in 2017, 2018, 2019, 2020, 2021 and PCIP in 2022 - 2025
QSA training & exam in 2017, 2018, 2019, 2020, 2021 and PCIP in 2022 - 2025QSA training & exam in 2017, 2018, 2019, 2020, 2021 and PCIP in 2022 - 2025
QSA training & exam in 2017, 2018, 2019, 2020, 2021 and PCIP in 2022 - 2025Jerimi Soma
 
ISO20000-1 Training Completion in 2022
ISO20000-1 Training Completion in 2022ISO20000-1 Training Completion in 2022
ISO20000-1 Training Completion in 2022Jerimi Soma
 
Six Sigma Black Belt
Six Sigma Black BeltSix Sigma Black Belt
Six Sigma Black BeltJerimi Soma
 
IRCA BCMS Lead Auditor Training & Exam
IRCA BCMS Lead Auditor Training & ExamIRCA BCMS Lead Auditor Training & Exam
IRCA BCMS Lead Auditor Training & ExamJerimi Soma
 
BSI ISO27001 Lead Implementer ENR-00775738
BSI ISO27001 Lead Implementer ENR-00775738BSI ISO27001 Lead Implementer ENR-00775738
BSI ISO27001 Lead Implementer ENR-00775738Jerimi Soma
 
IRCA QMS Lead Auditor 5-day training & exam
IRCA QMS Lead Auditor 5-day training & examIRCA QMS Lead Auditor 5-day training & exam
IRCA QMS Lead Auditor 5-day training & examJerimi Soma
 
IRCA ISMS Lead Auditor Training & Exam in 2014
IRCA ISMS Lead Auditor Training & Exam in 2014IRCA ISMS Lead Auditor Training & Exam in 2014
IRCA ISMS Lead Auditor Training & Exam in 2014Jerimi Soma
 
Henry James Study
Henry James StudyHenry James Study
Henry James StudyJerimi Soma
 
My Gap analysis results between ISO27001: 2022 and 2013 version as of 2022 fall.
My Gap analysis results between ISO27001: 2022 and 2013 version as of 2022 fall.My Gap analysis results between ISO27001: 2022 and 2013 version as of 2022 fall.
My Gap analysis results between ISO27001: 2022 and 2013 version as of 2022 fall.Jerimi Soma
 
ISO20000-1 Auditors note 【My Continuous Learning】
ISO20000-1 Auditors note 【My Continuous Learning】ISO20000-1 Auditors note 【My Continuous Learning】
ISO20000-1 Auditors note 【My Continuous Learning】Jerimi Soma
 
BCMS Audit Report【My Continuous Learning】
BCMS Audit Report【My Continuous Learning】BCMS Audit Report【My Continuous Learning】
BCMS Audit Report【My Continuous Learning】Jerimi Soma
 
SixSigma 【Continuous Study】
SixSigma 【Continuous Study】SixSigma 【Continuous Study】
SixSigma 【Continuous Study】Jerimi Soma
 
Use Cases for ISO20000-1 based on ITIL in English 【Continuous Study】
Use Cases for ISO20000-1 based on ITIL in English 【Continuous Study】Use Cases for ISO20000-1 based on ITIL in English 【Continuous Study】
Use Cases for ISO20000-1 based on ITIL in English 【Continuous Study】Jerimi Soma
 

Mehr von Jerimi Soma (20)

IRCA ISMS Auditor Certification for Version 2022 (Since 2017)
IRCA ISMS Auditor Certification for Version 2022 (Since 2017)IRCA ISMS Auditor Certification for Version 2022 (Since 2017)
IRCA ISMS Auditor Certification for Version 2022 (Since 2017)
 
Another ITIL4 story of a Japanese business hotel
Another ITIL4 story of a Japanese business hotelAnother ITIL4 story of a Japanese business hotel
Another ITIL4 story of a Japanese business hotel
 
Japan Data Privacy Auditor Certification (Since Jan. 2021)
Japan Data Privacy Auditor Certification (Since Jan. 2021)Japan Data Privacy Auditor Certification (Since Jan. 2021)
Japan Data Privacy Auditor Certification (Since Jan. 2021)
 
ITILv3 /2011 Edition Case Study
ITILv3 /2011 Edition Case StudyITILv3 /2011 Edition Case Study
ITILv3 /2011 Edition Case Study
 
ITIL4 Managing Professtioal
ITIL4 Managing ProfesstioalITIL4 Managing Professtioal
ITIL4 Managing Professtioal
 
JRCA ISO27017 Cloud Security Training & Exam
JRCA ISO27017 Cloud Security Training & ExamJRCA ISO27017 Cloud Security Training & Exam
JRCA ISO27017 Cloud Security Training & Exam
 
ITIL v2011 Expert 6 exams
ITIL v2011 Expert 6 examsITIL v2011 Expert 6 exams
ITIL v2011 Expert 6 exams
 
QSA training & exam in 2017, 2018, 2019, 2020, 2021 and PCIP in 2022 - 2025
QSA training & exam in 2017, 2018, 2019, 2020, 2021 and PCIP in 2022 - 2025QSA training & exam in 2017, 2018, 2019, 2020, 2021 and PCIP in 2022 - 2025
QSA training & exam in 2017, 2018, 2019, 2020, 2021 and PCIP in 2022 - 2025
 
ISO20000-1 Training Completion in 2022
ISO20000-1 Training Completion in 2022ISO20000-1 Training Completion in 2022
ISO20000-1 Training Completion in 2022
 
Six Sigma Black Belt
Six Sigma Black BeltSix Sigma Black Belt
Six Sigma Black Belt
 
IRCA BCMS Lead Auditor Training & Exam
IRCA BCMS Lead Auditor Training & ExamIRCA BCMS Lead Auditor Training & Exam
IRCA BCMS Lead Auditor Training & Exam
 
BSI ISO27001 Lead Implementer ENR-00775738
BSI ISO27001 Lead Implementer ENR-00775738BSI ISO27001 Lead Implementer ENR-00775738
BSI ISO27001 Lead Implementer ENR-00775738
 
IRCA QMS Lead Auditor 5-day training & exam
IRCA QMS Lead Auditor 5-day training & examIRCA QMS Lead Auditor 5-day training & exam
IRCA QMS Lead Auditor 5-day training & exam
 
IRCA ISMS Lead Auditor Training & Exam in 2014
IRCA ISMS Lead Auditor Training & Exam in 2014IRCA ISMS Lead Auditor Training & Exam in 2014
IRCA ISMS Lead Auditor Training & Exam in 2014
 
Henry James Study
Henry James StudyHenry James Study
Henry James Study
 
My Gap analysis results between ISO27001: 2022 and 2013 version as of 2022 fall.
My Gap analysis results between ISO27001: 2022 and 2013 version as of 2022 fall.My Gap analysis results between ISO27001: 2022 and 2013 version as of 2022 fall.
My Gap analysis results between ISO27001: 2022 and 2013 version as of 2022 fall.
 
ISO20000-1 Auditors note 【My Continuous Learning】
ISO20000-1 Auditors note 【My Continuous Learning】ISO20000-1 Auditors note 【My Continuous Learning】
ISO20000-1 Auditors note 【My Continuous Learning】
 
BCMS Audit Report【My Continuous Learning】
BCMS Audit Report【My Continuous Learning】BCMS Audit Report【My Continuous Learning】
BCMS Audit Report【My Continuous Learning】
 
SixSigma 【Continuous Study】
SixSigma 【Continuous Study】SixSigma 【Continuous Study】
SixSigma 【Continuous Study】
 
Use Cases for ISO20000-1 based on ITIL in English 【Continuous Study】
Use Cases for ISO20000-1 based on ITIL in English 【Continuous Study】Use Cases for ISO20000-1 based on ITIL in English 【Continuous Study】
Use Cases for ISO20000-1 based on ITIL in English 【Continuous Study】
 

Kürzlich hochgeladen

Real-Time AI Streaming - AI Max Princeton
Real-Time AI Streaming - AI Max PrincetonReal-Time AI Streaming - AI Max Princeton
Real-Time AI Streaming - AI Max PrincetonTimothy Spann
 
Data Analysis Project Presentation: Unveiling Your Ideal Customer, Bank Custo...
Data Analysis Project Presentation: Unveiling Your Ideal Customer, Bank Custo...Data Analysis Project Presentation: Unveiling Your Ideal Customer, Bank Custo...
Data Analysis Project Presentation: Unveiling Your Ideal Customer, Bank Custo...Boston Institute of Analytics
 
What To Do For World Nature Conservation Day by Slidesgo.pptx
What To Do For World Nature Conservation Day by Slidesgo.pptxWhat To Do For World Nature Conservation Day by Slidesgo.pptx
What To Do For World Nature Conservation Day by Slidesgo.pptxSimranPal17
 
Student Profile Sample report on improving academic performance by uniting gr...
Student Profile Sample report on improving academic performance by uniting gr...Student Profile Sample report on improving academic performance by uniting gr...
Student Profile Sample report on improving academic performance by uniting gr...Seán Kennedy
 
NO1 Certified Black Magic Specialist Expert Amil baba in Lahore Islamabad Raw...
NO1 Certified Black Magic Specialist Expert Amil baba in Lahore Islamabad Raw...NO1 Certified Black Magic Specialist Expert Amil baba in Lahore Islamabad Raw...
NO1 Certified Black Magic Specialist Expert Amil baba in Lahore Islamabad Raw...Amil Baba Dawood bangali
 
convolutional neural network and its applications.pdf
convolutional neural network and its applications.pdfconvolutional neural network and its applications.pdf
convolutional neural network and its applications.pdfSubhamKumar3239
 
FAIR, FAIRsharing, FAIR Cookbook and ELIXIR - Sansone SA - Boston 2024
FAIR, FAIRsharing, FAIR Cookbook and ELIXIR - Sansone SA - Boston 2024FAIR, FAIRsharing, FAIR Cookbook and ELIXIR - Sansone SA - Boston 2024
FAIR, FAIRsharing, FAIR Cookbook and ELIXIR - Sansone SA - Boston 2024Susanna-Assunta Sansone
 
Data Factory in Microsoft Fabric (MsBIP #82)
Data Factory in Microsoft Fabric (MsBIP #82)Data Factory in Microsoft Fabric (MsBIP #82)
Data Factory in Microsoft Fabric (MsBIP #82)Cathrine Wilhelmsen
 
Student profile product demonstration on grades, ability, well-being and mind...
Student profile product demonstration on grades, ability, well-being and mind...Student profile product demonstration on grades, ability, well-being and mind...
Student profile product demonstration on grades, ability, well-being and mind...Seán Kennedy
 
modul pembelajaran robotic Workshop _ by Slidesgo.pptx
modul pembelajaran robotic Workshop _ by Slidesgo.pptxmodul pembelajaran robotic Workshop _ by Slidesgo.pptx
modul pembelajaran robotic Workshop _ by Slidesgo.pptxaleedritatuxx
 
Defining Constituents, Data Vizzes and Telling a Data Story
Defining Constituents, Data Vizzes and Telling a Data StoryDefining Constituents, Data Vizzes and Telling a Data Story
Defining Constituents, Data Vizzes and Telling a Data StoryJeremy Anderson
 
wepik-insightful-infographics-a-data-visualization-overview-20240401133220kwr...
wepik-insightful-infographics-a-data-visualization-overview-20240401133220kwr...wepik-insightful-infographics-a-data-visualization-overview-20240401133220kwr...
wepik-insightful-infographics-a-data-visualization-overview-20240401133220kwr...KarteekMane1
 
Learn How Data Science Changes Our World
Learn How Data Science Changes Our WorldLearn How Data Science Changes Our World
Learn How Data Science Changes Our WorldEduminds Learning
 
Semantic Shed - Squashing and Squeezing.pptx
Semantic Shed - Squashing and Squeezing.pptxSemantic Shed - Squashing and Squeezing.pptx
Semantic Shed - Squashing and Squeezing.pptxMike Bennett
 
Predictive Analysis for Loan Default Presentation : Data Analysis Project PPT
Predictive Analysis for Loan Default Presentation : Data Analysis Project PPTPredictive Analysis for Loan Default Presentation : Data Analysis Project PPT
Predictive Analysis for Loan Default Presentation : Data Analysis Project PPTBoston Institute of Analytics
 
The Power of Data-Driven Storytelling_ Unveiling the Layers of Insight.pptx
The Power of Data-Driven Storytelling_ Unveiling the Layers of Insight.pptxThe Power of Data-Driven Storytelling_ Unveiling the Layers of Insight.pptx
The Power of Data-Driven Storytelling_ Unveiling the Layers of Insight.pptxTasha Penwell
 
English-8-Q4-W3-Synthesizing-Essential-Information-From-Various-Sources-1.pdf
English-8-Q4-W3-Synthesizing-Essential-Information-From-Various-Sources-1.pdfEnglish-8-Q4-W3-Synthesizing-Essential-Information-From-Various-Sources-1.pdf
English-8-Q4-W3-Synthesizing-Essential-Information-From-Various-Sources-1.pdfblazblazml
 
Networking Case Study prepared by teacher.pptx
Networking Case Study prepared by teacher.pptxNetworking Case Study prepared by teacher.pptx
Networking Case Study prepared by teacher.pptxHimangsuNath
 
Conf42-LLM_Adding Generative AI to Real-Time Streaming Pipelines
Conf42-LLM_Adding Generative AI to Real-Time Streaming PipelinesConf42-LLM_Adding Generative AI to Real-Time Streaming Pipelines
Conf42-LLM_Adding Generative AI to Real-Time Streaming PipelinesTimothy Spann
 
Principles and Practices of Data Visualization
Principles and Practices of Data VisualizationPrinciples and Practices of Data Visualization
Principles and Practices of Data VisualizationKianJazayeri1
 

Kürzlich hochgeladen (20)

Real-Time AI Streaming - AI Max Princeton
Real-Time AI Streaming - AI Max PrincetonReal-Time AI Streaming - AI Max Princeton
Real-Time AI Streaming - AI Max Princeton
 
Data Analysis Project Presentation: Unveiling Your Ideal Customer, Bank Custo...
Data Analysis Project Presentation: Unveiling Your Ideal Customer, Bank Custo...Data Analysis Project Presentation: Unveiling Your Ideal Customer, Bank Custo...
Data Analysis Project Presentation: Unveiling Your Ideal Customer, Bank Custo...
 
What To Do For World Nature Conservation Day by Slidesgo.pptx
What To Do For World Nature Conservation Day by Slidesgo.pptxWhat To Do For World Nature Conservation Day by Slidesgo.pptx
What To Do For World Nature Conservation Day by Slidesgo.pptx
 
Student Profile Sample report on improving academic performance by uniting gr...
Student Profile Sample report on improving academic performance by uniting gr...Student Profile Sample report on improving academic performance by uniting gr...
Student Profile Sample report on improving academic performance by uniting gr...
 
NO1 Certified Black Magic Specialist Expert Amil baba in Lahore Islamabad Raw...
NO1 Certified Black Magic Specialist Expert Amil baba in Lahore Islamabad Raw...NO1 Certified Black Magic Specialist Expert Amil baba in Lahore Islamabad Raw...
NO1 Certified Black Magic Specialist Expert Amil baba in Lahore Islamabad Raw...
 
convolutional neural network and its applications.pdf
convolutional neural network and its applications.pdfconvolutional neural network and its applications.pdf
convolutional neural network and its applications.pdf
 
FAIR, FAIRsharing, FAIR Cookbook and ELIXIR - Sansone SA - Boston 2024
FAIR, FAIRsharing, FAIR Cookbook and ELIXIR - Sansone SA - Boston 2024FAIR, FAIRsharing, FAIR Cookbook and ELIXIR - Sansone SA - Boston 2024
FAIR, FAIRsharing, FAIR Cookbook and ELIXIR - Sansone SA - Boston 2024
 
Data Factory in Microsoft Fabric (MsBIP #82)
Data Factory in Microsoft Fabric (MsBIP #82)Data Factory in Microsoft Fabric (MsBIP #82)
Data Factory in Microsoft Fabric (MsBIP #82)
 
Student profile product demonstration on grades, ability, well-being and mind...
Student profile product demonstration on grades, ability, well-being and mind...Student profile product demonstration on grades, ability, well-being and mind...
Student profile product demonstration on grades, ability, well-being and mind...
 
modul pembelajaran robotic Workshop _ by Slidesgo.pptx
modul pembelajaran robotic Workshop _ by Slidesgo.pptxmodul pembelajaran robotic Workshop _ by Slidesgo.pptx
modul pembelajaran robotic Workshop _ by Slidesgo.pptx
 
Defining Constituents, Data Vizzes and Telling a Data Story
Defining Constituents, Data Vizzes and Telling a Data StoryDefining Constituents, Data Vizzes and Telling a Data Story
Defining Constituents, Data Vizzes and Telling a Data Story
 
wepik-insightful-infographics-a-data-visualization-overview-20240401133220kwr...
wepik-insightful-infographics-a-data-visualization-overview-20240401133220kwr...wepik-insightful-infographics-a-data-visualization-overview-20240401133220kwr...
wepik-insightful-infographics-a-data-visualization-overview-20240401133220kwr...
 
Learn How Data Science Changes Our World
Learn How Data Science Changes Our WorldLearn How Data Science Changes Our World
Learn How Data Science Changes Our World
 
Semantic Shed - Squashing and Squeezing.pptx
Semantic Shed - Squashing and Squeezing.pptxSemantic Shed - Squashing and Squeezing.pptx
Semantic Shed - Squashing and Squeezing.pptx
 
Predictive Analysis for Loan Default Presentation : Data Analysis Project PPT
Predictive Analysis for Loan Default Presentation : Data Analysis Project PPTPredictive Analysis for Loan Default Presentation : Data Analysis Project PPT
Predictive Analysis for Loan Default Presentation : Data Analysis Project PPT
 
The Power of Data-Driven Storytelling_ Unveiling the Layers of Insight.pptx
The Power of Data-Driven Storytelling_ Unveiling the Layers of Insight.pptxThe Power of Data-Driven Storytelling_ Unveiling the Layers of Insight.pptx
The Power of Data-Driven Storytelling_ Unveiling the Layers of Insight.pptx
 
English-8-Q4-W3-Synthesizing-Essential-Information-From-Various-Sources-1.pdf
English-8-Q4-W3-Synthesizing-Essential-Information-From-Various-Sources-1.pdfEnglish-8-Q4-W3-Synthesizing-Essential-Information-From-Various-Sources-1.pdf
English-8-Q4-W3-Synthesizing-Essential-Information-From-Various-Sources-1.pdf
 
Networking Case Study prepared by teacher.pptx
Networking Case Study prepared by teacher.pptxNetworking Case Study prepared by teacher.pptx
Networking Case Study prepared by teacher.pptx
 
Conf42-LLM_Adding Generative AI to Real-Time Streaming Pipelines
Conf42-LLM_Adding Generative AI to Real-Time Streaming PipelinesConf42-LLM_Adding Generative AI to Real-Time Streaming Pipelines
Conf42-LLM_Adding Generative AI to Real-Time Streaming Pipelines
 
Principles and Practices of Data Visualization
Principles and Practices of Data VisualizationPrinciples and Practices of Data Visualization
Principles and Practices of Data Visualization
 

Business Impact Analysis 【My Continuous Learning】

  • 1. ISO27002: 2022 Information security, cybersecurity and privacy protection — Information security controls Requirement Number 5.30 Ensure the Availability of the organization including 3rd party vendor which is connected to our information assets during disruption. In aspect of that, Conducting BIA (Business Impact Analysis) would be important. BIA (Business Impact Analysis) Date of BIA 2020/MAR/3 Date of BIA 2020/MAR/2 Date of BIA 2020/MAR/2 Location Tokyo, JAPAN Location India Location Hong Kong Date of Review 2020/JUN/3 13:00 (JST) Date of Review 2020/JUN/3 9:30 (IndiaTime) Date of Review 2020/JUN/3 12:00 (HK Time) Data Onwer (Info Owner) Name Sato, Jason Applicateion Owner Name Newf, Swere Risk Owner Name Marry, Jane Department IT Risk department Department xxx Application department Department xxx Application department Role BCP Manager Role Project Manager Role Project Manager BIA Version RA-BIA-v3
  • 2. Activities and scenarios reviewed Risk Reviewed Function responsible Activity importance Max time to restart Time to normal service Comment Critical service App team Vital 1 24 Failier of system necessary Critical service desired Failier of system necessary Critical service Critial BIA per scenario Impact over time #1 Critical service High Medium Low 1hour 2hour 12hour 24 hour Comment Impact of disruption x H H H H Sales Staff × M H H H Operation Staff × L H H H Procurement staff × L H H H Support team × L H H H Infosec team × L H H H Financial × L H H H Service level × L H H H Customers × H H H H
  • 3. BIA Summary Activity reviewed #1 Function owned by Activity importance Risk treatment Recovery Sequence Max time to restart (hours) Time to normal service level Comment Shift deployeing planning Critical Acceptance 1 72 7 review of service in schedule Critical Acceptance 2 Critical Business Continuity 3 Critical Business Continuity 4 Activity reviewed #2 Function owned by Activity importance Risk treatment Recovery Sequence Max time to restart (hours) Time to normal service level Comment Shift deployeing planning Critical Acceptance 1 72 7 review of service in schedule 2 Business Continuity 3 Business Continuity 4
  • 4. Activity name #1 Activity frequency more than hourly activity owner title Date of operation every day Number of FTEs involved hours of operation 8 hours Daily peak details weekly peak details Monthly peak details Annual peak details Activity name #2 Activity frequency more than hourly activity owner title Date of operation every day Number of FTEs involved hours of operation 8 hours Daily peak details weekly peak details Monthly peak details Annual peak details
  • 5. Dependencies a) Internal Independencies of Activity b) External Interdependencies of Activity Internal Independencies External Independencies Owner Owner Internal Independencies External Independencies Owner Owner Internal Independencies External Independencies Owner Owner Internal Independencies External Independencies Owner Owner People Impact Day1 Day2 Day3 Day4 Day8 Day15 1 month Comments Customer Staff Security Operation Customer service IT Business Impact Day1 Day2 Day3 Day4 Day8 Day15 1 month Comments Financial Service Levels Contractual agreements Reputation Helth and Safety
  • 6. Resources required to restart activity and reach normal service level Headcount Restart Normal Skill as restart knowledge IT Importance of activity Agreed level of importance of activity of key business services and objectives. Critical Completed by Positions Date Signature Senior Management agreement that the fundings detailed above are a true reflection of the organization Completed by Positions Date Signature Sooma, Jerimi Senor VP 2021/JUL/3 CEO 2021/JUL/3 Mwema, Adsf Impact - Business Function Information How long can the activity operate in manual mode? Are there any written processes/ procedures for operation in manual mode? When were the processes / procedures for operating in manual mode last updated? What additioanl respurces are required for operating in manual mode? In the event of a disruption there will be lost data / transactions. Can they be recovered? How will lost data be recovered? Are there any written processes / procefures for recovering lost data? When were the processes / procedures for recovering list data last updated? What would be the impact if the data cannot be recovered? Does the activity reply on information that is not electronic? (Specify data and media) How will lost (non electronic) information be recovered? What specialised equipment is required to perform the activity? CIO