1. Readings from Incident Response & Disaster Recovery Chapter 3.
2. You are the CIO for TU and you need to determine what to protect. Use & complete these templates and any others you may find online to do so (Business impact analysis questionnaire, Business Impact Analysis Report Template & Conducting a physical site assessment Template). Also, based on the previous week’s discussion question, complete the (Risk Assessment Template) and evaluate how you would use and complete the (Incident Response Plan Template).
3. Discussion Questions:
1. Why do you think it is important to include end users in the process of creating the contingency plan? What are the possible pitfalls of end user inclusion? Do you think it is possible to create a contingency plan with no end user involvement?
2. Discuss the level of detail shown in the sample attack scenarios. What are the implications for the planning process when this much detail is required? Do you think this much detail is actually required? What are the advantages and disadvantages of including this much detail?
This material may consist of step-by-step explanations on how to solve a problem or examples of proper writing, including the use of citations, references, bibliographies, and formatting. This material is made available for the sole purpose of studying and learning - misuse is strictly forbidden.Business Impact Analysis
The purpose of the business impact analysis (BIA) is to identify which business units/departments and processes are essential to the survival of Towson University. The BIA will identify how quickly essential business units and/or processes have to return to full operation following a disaster situation. The BIA will also identify the resources required to resume business operations.
Business impacts are identified based on worst-case Scenario that assumes that the physical infrastructure supporting each respective business unit has been destroyed and all records, equipment, etc. are not accessible for 30 days. Please note that the BIA will not address recovery solutions.
The objectives of the BIA are as follows:
• Estimate the financial impacts for each business unit, assuming a worst case scenario.
• Estimate the intangible (operational) impacts for each business unit, assuming a worst-case scenario.
• Identify the organization’s business unit processes and the estimated recovery time frame for each business unit.
Each Facility Business Continuity Planner shall perform a BIA on all business processes to determine the criticality of these processes to Towson University and to determine what the impacts are to the organization if those processes were interrupted. It shall identify the business process availability Recovery Time Objectives (RTOs), business process Recovery Point Objectives (RPOs), key business processes and the associated risks if these processes were not available...