This is very good primer on the components of critical process investigation. Analyzing the business organization and its entire operational footprint is instrumental to developing a proper continuity strategy.
This begins with identifying mission‐critical functions throughout the organizational landscape, including agency functions (interdependent services performed by agency processes and sub‐processes), enterprise functions (services dependent upon agency‐level functions) and processes (series of actions or operations that implement functions).Identifying mission‐critical functions can be a tedious task, and no two organizations will follow the sameprocess or end up with the same list.
When identifying mission‐critical functions, the following should be considered:
• Functions that support the organization’s primary mission statement
• Functions that support other agencies’ mission critical functions
• Functions that must be recovered immediately and quickly
• Functions that have a high‐dollar value
• Functions that have high client/customer impact
• Functions with political implications or ramifications
• Functions with legal requirements or liabilitiesAn executive Business Impact Analysis (BIA) tool can facilitate this process, helping planners and organizersunderstand the effects and impacts of interruption on the viability and vitality of operations and criticalbusiness functions, especially financial activities, including maintaining collections, processing payments,operating a supply chain, handling payroll and so forth.
BIA is the backbone of the BCM planning process but cannot stand alone without full approval, backing and support from the highest level managers.Risk analysis and Risk assessment are additional processes which support the BCM planning process. Risk analysis involves identifying probable threats and associated threat value to an organization and its assets and analyzing related vulnerability. Risk assessment evaluates existing environmental and physical controls and security, followed‐up by assessing their adequacy relative to potential threat.
Read more in paper written by Tittel & Koreic Understanding the need for Business Continuity Management and Disaster Recovery Planning
Comments