Purpose of the business impact analysis module
Potential damage impacts due to business process, system or data asset failures can be assessed based on material and immaterial assessment standards for the company. The impact value of all your assets can be defined on the basis of this analysis.
Flexibly adjusted analyses
The business impact analysis module can be used for the analysis of status change in all three information security aspects:
- damage in Confidentiality
- damage in Integrity
- damage in Availability
In case of damage in availability the loss impacts can be analyzed over customizable outage periods. The Inventory scope of the impact analysis can also be flexibly adjusted. The software supports:
- business impact analyses from the aspect of data,
- business process,
- or service / system
In any impact analysis various material and immaterial (e.g. legal compliance, loss of reputation) evaluation aspects can be defined according to the needs of the Client. In order to ensure the comparability of results, the scales of evaluation aspects is sorted into the Damages table. There are predefined Damages tables for market and state operators.
As a result of the analysis, the software defines impact values for each asset item on the basis of inheritance rules, hence sensitivity reports can be prepared as needed. The inheritance logic can be modified according to the methodology followed by the user.
- Sensitivity report of all asset item
- Asset items can be freely serialized depending on their critical nature and resources can be classified.
- Faults with the biggest impact can be located
- Information for other modules:
- Impact values for Risk analysis
- Calculation of recovery time targets for the BCM module
- Classification of resources separately (C I A) for the Compliance module.