Let’s first try and understand what is a BIA?
Business Impact Analysis is a methodology which allows to predict the impact of disruption on your business functions and processes. One of the other objectives of carrying out a BIA is to help the firm to create a remediation plan in case the disruption event occurs. Disruptive events cannot be totally avoided and hence a firm looks at reducing the impact.
Carrying out a BIA for every product and service of the firm may not be possible and hence identifying the critical product and services and carrying out a business impact analysis is of paramount importance. As part of the BIA 2 factors are primarily considered – period and intensity of impact.
BIA should be an annual exercise in any firm and also whenever a new product or service is introduced or there is a signification change.
What are the possible types of impact resulting from a disruption?
Impacts to consider include
- Reputational impact – customer dissatisfaction
- Regulatory impact – fines and penalty
- Financial impact – loss of sale
- Strategic impact – delay in the firm’s plan
Steps to roll out a business impact analysis
a. Identify the critical or important business areas
Using various elements pertaining to a service like regulatory importance, customer touch point, alternate mode, third party dependency etc. identify those services which are very critical for the firm.
b. Resource mapping
Carry out a granular level mapping for each of the critical business services. All dependencies required to deliver the service to be mapped viz. people, process, technology, facility and data.
c. Create a BIA checklist
A detailed checklist allows to capture the minutest detail of the critical business service. The objective of this checklist is to map the impact, capture and understand the recovery time objective, the MTPD- Maximum Tolerable Period of Disruption, how incidents are handled etc.
d. Collaboration and decision making
The BIA checklist is distributed across various stakeholders and responses are received. This method allows to understand the actual state when a disruption happens and serves as a good data point for decision making.
e. Remediation plan
Based on the analysis of the BIA checklist the management should immediately roll out a remediation or action plan for those services which are hitting the MTPD.
Using the gieom operational resilience module you can digitize your business impact analysis. The solution is flexible to define a customised BIA template and is designed to help firms capture all the essential information for BIA. Additionally, as this is a periodic activity it serves as an excellent repository for reference and reporting as well. Talk to our expert here.
