Managing Risk in Information System

User Generated

Fvaquh05

Writing

Description

Please find the attached document for the detailed question

Unformatted Attachment Preview

JONES & BARTLETT LEARNING INFORMATION SYSTEMS SECURITY & ASSURANCE SERIES LABORATORY MANUAL TO ACCOMPANY Managing Risk in Information Systems VERSION 2.0 Powered by vLab Solutions INSTRUCTOR VERSION Copyright © by Jones & Bartlett Learning, LLC, an Ascend Learning Company - All Rights Reserved. Lab #7 Performing a Business Impact Analysis for a Mock IT Infrastructure Introduction The purpose of a business impact analysis (BIA) is to identify applications and data access requirements in an IT infrastructure. The BIA helps you assess affected IT systems, applications, and resources and align them with their required recovery time objectives (RTOs). It then helps you prioritize the identified mission-critical business functions so you know how IT systems, applications, and resources are impacted. In this lab, you will define a BIA’s goal and objective, you will identify where the BIA fits in the business continuity plan (BCP), you will identify mission-critical applications and data access requirements, you will perform a BIA qualitative assessment approach, and you will create a BIA executive summary report for management. Learning Objectives Upon completing this lab, you will be able to: Define the goal and objective of a business impact analysis (BIA). Identify where a business impact analysis (BIA) fits within a business continuity plan (BCP). Identify mission-critical applications and access to data requirements for a given scenario. Perform a business impact analysis (BIA) utilizing a qualitative assessment approach. Create a business impact analysis executive summary report for management. 64 Copyright © by Jones & Bartlett Learning, LLC, an Ascend Learning Company - All Rights Reserved. 66 | LAB #7 Performing a Business Impact Analysis for a Mock IT Infrastructure Hands-On Steps Note: This is a paper-based lab. To successfully complete the deliverables for this lab, you will need access to Microsoft® Word or another compatible word processor. For some labs, you may also need access to a graphics line drawing application, such as Visio or PowerPoint. Refer to the Preface of this manual for information on creating the lab deliverable files. 3. On your local computer, open a new Internet browser window. 4. Using your favorite search engine, search for information on a business impact analysis (BIA). 5. Define BIA. 6. Using your favorite search engine, search for information on a business continuity plan (BCP). 7. Define BCP and explain how a BIA fits within a BCP. 8. Review the business functions in the following table: Business Functions Internal and external voice communication with customers in real time Internal and external e-mail communication with customers via store and forward messaging Domain Name Server (DNS) for internal and external Internet Protocol (IP) communications Internet connectivity for e-mail and store and forward customer service Self-service Web site for customer access to information and personal account information e-Commerce site for online customer purchases or scheduling 24 x 7 x 365 Payroll and human resources for employees Real-time customer service via Web site, e-mail, or telephone requires customer relationship management (CRM) Network management and technical support Marketing and events Sales orders or customer/student registration Remote branch office sales-order entry to headquarters Voice and e-mail communications to remote branches Accounting and finance support: Accounts payable, Accounts receivable, etc. 9. List a qualitative business impact value of Critical, Major, Minor, or None for each function. Copyright © by Jones & Bartlett Learning, LLC, an Ascend Learning Company - All Rights Reserved. 67 Note: For a descriptive comparison of qualitative versus quantitative risk assessment, read this article: http://www.sans.edu/research/leadership-laboratory/article/risk-assessment. 10. List the IT systems, applications, and resources that are impacted for each of the functions. 11. In the address box of your Internet browser, type the URL http://searchdisasterrecovery.techtarget.com/feature/Using-a-business-impact-analysis-BIAtemplate-A-free-BIA-template-and-guide/ and press Enter to open the Web site. 12. Read the article titled “Using a business impact analysis (BIA) template” for guidance on writing a business impact analysis. Consult the article for the meaning of the terms recovery time objective (RTO) and recovery point objective (RPO). 13. In your Lab Report file, assess the recovery time objectives (RTO) for each of the impacted IT systems, applications, and resources. 14. Write a four-paragraph executive summary that includes the following:     Goals and purpose of the BIA (unique to your scenario) Summary of findings (business functions and assessment) Prioritizations (critical, major, and minor classifications) IT systems and applications impacted (to support the defined recovery time objectives) Note: This completes the lab. Close the Web browser, if you have not already done so. Copyright © 2015 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved. www.jblearning.com Instructor Lab Manual Copyright © by Jones & Bartlett Learning, LLC, an Ascend Learning Company - All Rights Reserved.
Purchase answer to see full attachment
User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer

Attached.

Running Head: MANAGING RISKS IN INFORMATION SYSTEMS

Managing risks in information systems.
Name of the course:
Name of the institution:
Name of the student:

1

MANAGING RISKS IN INFORMATION SYSTEMS

2

Managing risks in information systems.
1. Define business impact analytics(BIA)
It is a process used to identify and evaluate the effects caused by either man made or
natural events on a business.
2. Using your favorite search engine, search for information on a business continuity
plan (BCP).
A business continuity plan helps an organization to prevent any potential treats that can
affect normal business operations. It also states the steps that should be followed to
overcome disaster incidences. The disaster management team is responsible for ensuring
that data is safely stored in an offsite location where it cannot be affected in case of a
catastrophic occurrence. This ensures that normal business operation will continue from
the point of failure. Potential risks that can affects business normal operations include
cyber-attacks, fire, floods and events related to weather.
A good business continuity plan should determine the effects associated with each threat,
identify and test steps to overcome the effects and be up to date.
3. Define BCP and explain how a BIA fits within a BCP.
It is the process involved in creating a system that can identify and prevent any potential
treats that can affect normal business operations. Business impacts analytics helps in
identifying the most critical objectives which can be performed in business continuity
plan to overcome a disaster. It also outlines both internal and external dependencies
which can help in implementing the business continuity plan
4. List a qualitative business imp...


Anonymous
Nice! Really impressed with the quality.

Studypool
4.7
Trustpilot
4.5
Sitejabber
4.4

Related Tags