Image : http://www.flickr.com
In the phase of risk assessment, there are a number of key areas that must be met. One of the most important is to understand probable threats. Have not noticed In an ideal world, most of us there, we would identify and protect against all threats to ensure that our business in order to survive on. Obviously, we are limited by other factors such as budget, time and priorities and need to apply cost-benefit analysis to ensure we are protecting the most importantBusiness functions.
A second important step is to identify all probable threats and prioritize. Threats in general, there are several ways in which internal / external, man-made/natural, primary / secondary, accidental / intentional, controllable / not controllable classify the warning / no warning, frequency, duration, speed, etc. While Age of onset classification of risks is helpful in terms of understanding their properties and potential controls, grouping and understanding by influences on the businessalso important. Obviously, the same effects may result from a number of threats.
Identify critical business processes and systems is another fundamental component of business continuity plan. After your critical business processes and systems, and probable threats are established, the next step is to identify vulnerabilities and loss potential. This requires an extensive scan of the organization, identify vulnerabilities and understand the analysisvulnerabilities which would have the greatest impact on your critical business processes and the organization. This starts to clarify and quantify potential losses, which helps to establish priorities.
Following the identification of the most probable threats and vulnerabilities, an analysis of existing controls is needed. This spans physical security as well as people, processes, data, communications and asset protection. Some controls such as physical security and data Backup are obvious. Further checks are needed, often less obvious, but they can be identified by the assessment of risks.
Once the main building blocks of critical business functions that are found most probable threats, vulnerabilities and controls, is considered the next step in understanding the likelihood of threats, the severity or impact of the threats are being developed. This leads to the business impact analysis phase, the priorities for the protection is.
TheThe goal is to minimize risks, impacts and downtime and to mitigate losses. Basically, the goal is to protect your employees, protect your data, you protect your vital communications, protect your assets and protect your brand and reputation. Overall, the goal is, of course, your company safe, also continue to operate and to do it in a cost efficient way to meet the standards of reasonable and prudent judgments.
No comments:
Post a Comment