Blog

Business Impact Analysis

July 24, 2014

The first pillar of our Business Continuity Management System 
In the previous blog, we established that Business Continuity Planning (BCP) is not a subset of ISO 31000. BCP starts with the premise that a catastrophe that has led to business interruption. The focus of BCP is not so much on risk mitigation but on recovery post-disaster and consequently, having the ability to recover and offer continuity of service to entities that are dependent on the business.
 With this, our attention shifts from mitigating well-defined risks to identifying vital processes, the unavailability of which is unacceptable. The identification of such processes is multidimensional and perception based – meaning an organization could, by law, need certain processes to be available at all times and for others the consequence (financial or otherwise) of not able to provide a certain service is calamitous. The challenge then for a Business Continuity Management System provider is to deliver a common platform that identifies, measures and manages the processes which in lead to the establishment of the first pillar of a Business Continuity Management System - Business Impact Analysis (BIA).
The essential role of BIA is to probe, collect and identify all factors that are likely to disrupt a critical process. A Business Continuity Management System should prompt and guide in identifying all the key factors affecting a business process thereby laying the groundwork for a sound BIA framework.
While identifying the processes that are key to the business, we also tend to ascertain that target time for bringing these processes back online. In BCP parlance the target time for each process to resume as normal is known as Recovery Time Objective (RTO). This identification of an acceptable RTO is the cornerstone of Business Impact Analysis.
To sum it up: a key challenge in designing BCMS software has been to create a comprehensive blueprint to carry out ‘Business Impact Analysis’. A successful BIA is inherently multi-faceted, touching several departments, impacting many related parties, encompassing risks of varying intensity. Once this analysis is successfully carried out, the battle of developing a sound BCMS is won. But let us not forget that BIA is just the starting point and the first pillar. There are many more venues to be explored to implement a successful BCMS, venues that we will explore in the next post.
   

Is Business Continuity Plannin...

March 28, 2014

Many organizations consider Business Continuity Planning (BCP) as an extension of Enterprise Risk Management (ERM) or more specifically another risk category within ERM. If your organization subscribe...

Implementing a Risk IT solutio...

September 12, 2012

The RMIA NSW Chapter Event is hosting an event called 'Managing The Risk of Implementing Risk IT Solutions' on   Tuesday, September 18, 2012  5:30 PM to 7:30 PM  KPMG Offices  10 Shelley ...

Braving wet and wild sydney we...

March 2, 2012

Two of Tickit System's own Kim Wilson and Leesa Collet are braving a cold, wet and miserable Sydney day for a fantastic cause. Kim and Leesa are walking the 50km Sydney Coastrek from Palm Beach to Bal...

University of Newcastle choose...

November 18, 2010

The University of Newcastle has chosen Tickit On Demand as their Risk and Compliance Software. Kim Wilson, Managing Director, Tickit Systems Pty. Ltd. said "We are delighted to have the Unive...

Department of Treasury and Fin...

August 13, 2009

Tickit Systems welcomes The Department of Treasury and Finance Western Australia as a Tickit On Demand user.Kim Wilson, Managing Director, Tickit Systems said "This opportunity to work with the Depart...

Press Release Consensus Softwa...

May 6, 2009

Press Release For immediate release A strategic decision to rebuild a popular risk management and compliance software product as an ‘on demand’ service has proved the right one for Austral...