This course/workshop will teach the participant to correctly prioritize a service provider’s IT services through a Business Impact Analysis (BIA).

The BIA is a technique used by organizations to identify the most critical IT services for the correct performance of the business. A BIA is performed as part of risk management, and helps an organization to identify the negative impacts that business units would have with the loss of one or more IT services.

Objectives

To learn and understand the following topics for the development of a BIA:

  • BIA importance within an organization and the relationship between BIA and business risk evaluation.
  • Understanding the organization, its key processes and the IT resources which support them.
  • Methodologies and techniques for the BIA design – how to create an effective Business Impact Analysis.
  • Evaluation of the impact on the business if the activities and functions were interrupted.
  • Identification of the minimum level of performance at which an activity can be performed in response to an interruption.
  • Definition of the maximum tolerable time of disruption before the activities must be restored to their normal level.

Audience

This course is aimed to:

  • People who need a better understanding of the critical activities of the organization and the adverse impact in case of disruption.
  • People who are in the process of developing a Business Continuity Plan or a Disaster Recovery Plan.
  • People who need to understand and learn how to create a BIA.
  • IT professionals who apply ISO 22301, ISO/IEC 27001:2013 or BCI practices.

Prerequisites

There are no mandatory prerequisites; however, it is recommended that the participant holds the Information Security Foundation certificate based on ISO/IEC 27002 or knowledge on ISO 22301, ISO/IEC 27001:2013 and/or BCI.



Characteristics

The course has the following characteristics:

  • It is structured in thematic units, with a balance between theory and practice.
  • The courseware material includes theory, practical exercises, study cases and complementary content.
  • A certificate of course completion is delivered.
  • The length is 2 days.
  • Has a minimum requirement of 6 and a maximum of 25 participants.

Topics

The course has the following topics:

  1. BIA Introduction
  2. Business Understanding
  3. Mission Critical Activities
  4. Recovery Requirements
  5. Risk Appetite and Estimated Loss
  6. Recovery Resources by Business Impact Analysis
  7. Business Impact Analysis Report
  8. Review
  9. Questions Session

Advantages offered by Global Lynx

Our instructors are certified in different Risk Management, Information Security, ISO/IEC and ITSM disciplines and have extensive experience in:

  • The design and implementation of Information Security Management Systems.
  • The design and development of Business Continuity Plans, Disaster Recovery Plans and Business Impact Analysis in public and/or private organizations.
  • The selection, implementation and configuration of tools and controls which support the Business Continuity Management and Information Security.
  • The teaching of several Risk Management, Information Security, Business Continuity, ISO and ITSM training courses in the academic and the professional fields.
The participant receives a high quality student handout.