Describe the different ISS policies associated with risk management.
Assignment 2: Business Impact Analysis
Due Week 8 and worth 100 points
In order for an organization to develop an effective business continuity plan or disaster recovery plan, it must know what information assets it has, their impact on business operations, and the criticality and priorities associated with the information systems and assets. The primary objective of a business impact analysis (BIA) is to identify the assets that are required for continued business operations in the event of an incident or disaster. Thus, a critical step in the development of an effective BIA includes establishing component priorities and determining component reliance and dependencies. Additionally, organizational personnel must know their responsibilities during recovery efforts.
Write a three to five (3-5) page paper in which you:
1. Describe the methods for establishing component priorities, including:
a. Business functions and processes
b. BIA scenarios and components
c. Financial and service impact of components not being available
d. Recovery time frameworks
2. Describe the methods for determining component reliance and dependencies, including:
a. Component dependencies
b. Resources required to recover component in the event of failure
c. Human assets needed to recover components
3. Provide recommendations for the development of the BIA, management and other personnel responsibilities, and educating company personnel that would be involved in the recovery efforts.
4. Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.
The specific course learning outcomes associated with this assignment are:
Describe the different ISS policies associated with risk management.
Use technology and information resources to research issues in security strategy and policy formation.
Write clearly and concisely about Information Systems Security Policy topics using proper writing mechanics and technical style conventions.