Business Impact Assessment or Business Impact Analysis (BIA) is a management-level analysis aimed at identifying a firm's exposure to sudden loss of critical business functions and supporting resources due to an accident, disaster, emergency, and/or threat. BIA involves assessing both financial and non-financial (customer service, market confidence, creditor or supplier confidence) costs during business disruption and business restoration periods. BIA is used in the development of a business Disaster Recovery Plan (DRP).
Any business continuity planning should preferably include the following:
Security policy planning should include the following:
Mean Time to Repair (MTTR): MTTR is the average time required to fix a failed component or device and return it to production status.
Mean time to repair includes the time it takes to find out about the failure, diagnose the problem and repair it. MTTR is a basic measure of how maintainable an organization's equipment is and, ultimately, is a reflection of how efficiently an organization can fix a problem.
Mean Time Between Failures (MTBF): The most common failure-related metric is also the one most often used incorrectly. "Mean time between failures" or "MTBF" refers to the amount of time that elapses between one failure and the next. Mathematically, this is the sum of MTTF (mean time to failure) and MTTR, the total time required for a device to fail and that failure to be repaired.
RTO/RPO: The recovery point objective (RPO) and the recovery time objective (RTO) are two very specific parameters that are closely associated with recovery. The RTO is how long you can go without a specific application. It is often associated with your maximum allowable or maximum tolerable outage.
RPO limits how far to roll back in time, and defines the maximum allowable amount of lost data measured in time from a failure occurrence to the last valid backup.
RTO is related to downtime and represents how long it takes to restore from the incident until normal operations are available to users.
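The MTTR, MTBF and RTO/RPO definitions above can be applied to an incident log. The following is an added example, not part of the original page: the incident timestamps are constructed, and the 4-hour RTO and RPO values and all function names are assumptions chosen for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample incidents for one service (illustrative, not real data):
# (failure occurred, service restored, last valid backup before the failure)
INCIDENTS = [
    ("2024-01-10 02:00", "2024-01-10 05:00", "2024-01-09 20:00"),
    ("2024-02-09 05:00", "2024-02-09 06:00", "2024-02-09 04:30"),
    ("2024-03-10 06:00", "2024-03-10 11:00", "2024-03-10 04:00"),
]
RTO = timedelta(hours=4)  # assumed objective: maximum tolerable downtime
RPO = timedelta(hours=4)  # assumed objective: maximum tolerable data loss


def parse(incidents):
    """Convert timestamp strings to datetimes, ordered by failure time."""
    fmt = "%Y-%m-%d %H:%M"
    return sorted(tuple(datetime.strptime(t, fmt) for t in row) for row in incidents)


def reliability_metrics(incidents):
    """Return MTTR, MTTF and MTBF (= MTTF + MTTR) as timedeltas."""
    rows = parse(incidents)
    if len(rows) < 2:
        raise ValueError("need at least two failures to measure time to failure")
    # Repair time runs from the failure itself, so it includes detection and diagnosis.
    repairs = [restored - failed for failed, restored, _ in rows]
    # Time to failure is the uptime between one restoration and the next failure.
    uptimes = [nxt[0] - cur[1] for cur, nxt in zip(rows, rows[1:])]
    mttr = sum(repairs, timedelta()) / len(repairs)
    mttf = sum(uptimes, timedelta()) / len(uptimes)
    return {"MTTR": mttr, "MTTF": mttf, "MTBF": mttf + mttr}


def objective_breaches(incidents, rto, rpo):
    """List (incident index, objective, observed value) for each missed objective."""
    breaches = []
    for i, (failed, restored, backup) in enumerate(parse(incidents)):
        if restored - failed > rto:   # downtime exceeded the RTO
            breaches.append((i, "RTO", restored - failed))
        if failed - backup > rpo:     # data written since the last backup is lost
            breaches.append((i, "RPO", failed - backup))
    return breaches


if __name__ == "__main__":
    for name, value in reliability_metrics(INCIDENTS).items():
        print(f"{name}: {value}")
    for idx, objective, observed in objective_breaches(INCIDENTS, RTO, RPO):
        print(f"incident {idx}: {objective} missed, observed {observed}")
```

In this sample the first incident meets the RTO but misses the RPO, and the third does the opposite, which shows that the two objectives have to be tracked separately.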
Single point of failure (SPOF): A single point of failure (SPOF) is a part of a system that, if it fails, will stop the entire system from working. SPOFs are undesirable in any system with a goal of high availability or reliability, be it a business practice, software application, or other industrial system.
Privacy impact assessment: A privacy impact assessment (PIA) is a tool for identifying and assessing privacy risks throughout the development life cycle of a program or system.
Privacy threshold assessment: It is OPM policy to ensure that all information technology (IT) systems that collect, maintain, or disseminate information in an identifiable form have a privacy impact assessment (PIA) or privacy threshold analysis (PTA).