Filetype Power Point PPT | Posted on 09 Aug 2022 | 4 years ago
Authentication
digital resources
379x Filetype PPT File size 0.22 MB Source: www.intosaicommunity.net
IT audit
training Stage 1 - Business Impact Review
for
Topics covered -
preliminary work
Business Impact Review
report to management
March 2007 Continuity planning : S3/ 2
IT audit
training Phase 1 : preliminary work
for
Gain top management support -
raise awareness
obtain initial budget
Undertake survey : identify -
processes
locations
personnel to interview
Write survey report -
review boundary
personnel, budget and time-scale
recommend corporate policy
March 2007 Continuity planning : S3/ 3
IT audit
training Phase 2 : Business Impact Review
for
Objectives are to identify -
key business processes
nature of threats
impact of service failure
What are the risks?
growth of impact with time
maximum ‘tolerable’ time to resume -
» emergency service
» full service
estimated recovery requirements
areas for improved risk reduction
March 2007 Continuity planning : S3/ 4
IT audit
training Hard and soft impacts
for
Hard impacts -
financial loss (repair/replacement)
reduced revenue
increased costs
penalties (fines, breach of contract etc)
Soft impacts -
loss of goodwill & credibility
embarrassment
personal safety
operational capability
March 2007 Continuity planning : S3/ 5
IT audit
training The time factor
for
Consider growth of impact with time -
< 15 minutes
1 hour
12 hours, etc etc
Group systems : to be recovered in -
‘n’ hours - category 1
‘n’ days - category 2
‘n’ weeks - category 3
‘period dependent’ - category 4, etc. etc.
March 2007 Continuity planning : S3/ 6
no reviews yet
Please Login to review.
