6010 Week 2 Discussion
docx
keyboard_arrow_up
School
Wilmington University *
*We aren’t endorsed by this school
Course
6010
Subject
Information Systems
Date
Apr 3, 2024
Type
docx
Pages
3
Uploaded by Admys
Discuss the critical need business impact analysis for organizations.
A company's approach for business continuity planning must include a business impact analysis (BIA). It entails calculating the potential impact of disruptive events on the organization's key operational procedures, practices, and resources. The main objective of a BIA is to prioritize and list the most important tasks for the organization while also determining the procedures and materials required to continue where you left off in the case of an interruption. Companies should perform a business impact analysis for the following reasons: When it comes to recovery efforts, ranking the importance of financial impact analysis, risk assessment, resource allocation, continuity planning, compliance, and regulatory requirements. Organizations now must prioritize
recovery activities, distribute resources wisely, identify important operations, assess risks, and consider financial ramifications because of business impact analyses. With it, they can develop comprehensive business continuity plans. By being aware of the potential effects of disruptions, organizations may increase their resilience, reduce downtime, protect their reputation, and ensure
the continuity of their operations even in the face of unanticipated calamities.
Research and develop one “weighted” matrix for an organization. The matrix should begin with 5-7 business functions for the organization. Considerations for the BIA should include revenue impact, profit impact and brand impact.
To create a weighted matrix for an organization's business operations, we will employ the three essential components for the Business Impact Analysis (BIA): revenue impact, profit impact, and
brand effect. As an example of a weighted matrix, consider the following: In this example, every business decision is taken after considering the company's reputation, earnings, and profitability. Impact levels can be divided into three groups: high, moderate, and low. The weighted score is determined by considering the relative importance of each impact category to the organization. The weights assigned to each area are arbitrary and could change depending on the priorities of the organization and the industry.
Business Function
Revenue Impact
Profit Impact
Brand Impact
Weighted Score
Sales and Marketing
High
High
High
9
Operations
Moderate
Moderate
Moderate
7
Customer Service
Moderate
Moderate
High
8
Research and Development Moderate
High
Moderate
7
IT and Technology
High
High
Moderate
8
Finance and Accounting
Moderate
High
Moderate
7
Supply Chain and Logistics
High
Moderate
Moderate
7
Organizations can rank their business functions based on their overall impact using this weighted
matrix. The weighted score rises in proportion to how crucial a function is to revenue, profit, and
brand. In the event of a disruption or tragedy, this knowledge may affect decision-making, resource allocation, and recovery planning.
Complete the BIA for an organization of your choosing with a scenario. Please make investment recommendations for the organization given your BIA matrix.
Business: AstraZeneca
AstraZeneca is a global pharmaceutical company that focuses on developing, producing, and performing research on novel medications. A cyberattack disclosed sensitive consumer and patient data in detail. The attack influences the business' operations and reputation, and it could have legal and regulatory repercussions. According to the BIA, every business function at AstraZeneca is crucial and has a significant impact on sales, earnings, and the company's reputation, particularly in the event of a cybersecurity incursion.
Business Function
Revenue Impact
Profit Impact
Brand Impact
Research and Development
High
High
High
Manufacturing and Production
High
High
High
Sales and Marketing
High
High
High
Supply Chain and Logistics
High
High
High
IT and Technology
High
High
High
Regulatory Compliance
High
High
High
Legal and Privacy
High
High
High
The following areas are recommended for investments: third-party risk management, employee awareness and training, legal and regulatory knowledge, business continuity and disaster recovery, infrastructure for cybersecurity, data privacy and protection, incident response, and business continuity and disaster recovery. AstraZeneca must invest in strong cybersecurity measures such firewalls, intrusion detection systems, encryption methods, and employee training
on cybersecurity best practices given the considerable impact a cyberattack would have on all corporate operations. The use of encryption, strict access controls, and data loss prevention technology must all be improved as part of data protection measures. To ensure a prompt response and recovery in the case of a cybersecurity attack, create and test comprehensive business continuity and disaster recovery strategies. Create an incident response team and a clear
crisis management plan to address cybersecurity risks efficiently. Increased monitoring and evaluation of vendors, especially those in charge of managing confidential information or delivering essential services, should be applied to suppliers and third-party vendors. There should be constant cybersecurity education and training for every employee. To ensure compliance with changing cybersecurity and privacy legislation, speak with legal and privacy professionals. By putting these investment suggestions into practice, AstraZeneca may improve its cybersecurity posture, safeguard crucial business operations, secure customer, and patient data, and preserve its standing as a reliable pharmaceutical company. By implementing these measures, you may guarantee regulatory compliance and lessen the financial and legal implications of a cybersecurity attack.
Reference:
Business Impact Analysis
. (n.d.). Www.youtube.com.
http://www.youtube.com/watch?
v=VsQ_SA3EIeY
Links to an external site.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help