Business impact analysis (BIA)

  1. What is the goal and purpose of a business impact analysis (BIA)?
  2. Why is a business impact analysis (BIA) an important first step in defining a business continuity plan (BCP)?
  3. What is the definition of recovery time objective (RTO)? Why is this important to define in an IT Security Policy Definition as part of the business impact analysis (BIA) or business continuity plan (BCP)?
  4. How do risk management and risk assessment relate to a business impact analysis (BIA) for an IT infrastructure?

Performing a Business Impact Analysis for a Mock IT Infrastructure

  5. True or false: If the recovery point objective (RPO) metric does not equal the recovery time objective (RTO), you can potentially lose data that might not be backed up. This represents a gap in potential lost or unrecoverable data.
  6. If you have an RPO of 0 hours, what does that mean?
  7. What must you explain to executive management when defining RTO and RPO objectives for the BIA?
  8. What questions do you have for executive management in order to finalize your BIA?
  9. Why do customer service business functions typically have a short RTO and RPO maximum allowable time objective?
  10. To write backup and recovery procedures, you need to review the IT systems, hardware, software, and communications infrastructure that supports business operations and functions, and you need to define how to maximize availability.

Sample Solution