CYB 410 4-2 Project One Stepping Stone Two: Business Impact Analysis ...

CYB 410 Project One Stepping Stone Two Guidelines and Rubric

Business Impact Analysis

Overview

A business impact analysis (BIA) assesses the impact of disruptions to organizational operations. This document is used by organizations during catastrophic events that stop those operations. It is important to create a contingency plan before disaster strikes so you and your organization are set up to make the best possible decisions in the shortest amount of time when stressors can be at a maximum. The best plans are built when you can put yourself in a mindset that appreciates the urgency of the decisions that must be made. For example, if the point of sales systems are down for your organization, having a detailed resolution plan can help prevent loss of revenue and consumer confidence. A BIA captures very practical measurements of maximum tolerable downtime (MTD), recovery time objective (RTO), and recovery point objective (RPO). It is critical to business operations that you know these metrics and set them correctly. Incidents will happen, and that is okay if you are prepared.

For this stepping stone, you will complete the metrics for MTD, RTO, and RPO. Your leadership has already begun completing the BIA for Green Thumb Nursery, so it is your task to help them finish it by completing the Estimated Downtime Table. While this is usually a task for a more senior cybersecurity leadership position, this is great exposure to prepare you for such tasks in your career and to provide insight into how these decisions are made, which will inevitably affect you in your position as a cybersecurity analyst.

This stepping stone prepares you for Project One, which is due in Module Six.

Scenario

You are part of a cybersecurity consultant firm that has been hired by Green Thumb Nursery to help develop its risk management plan. The initial round of on-site, in-person interviews has already been conducted by your leadership, and you are tasked with helping them complete the finalized documentation for the business impact analysis.

Prompt

Complete the Project One Stepping Stone Two Template: Estimated Downtime Template for the business, which is linked in the What to Submit section below.

You must address the critical elements listed below.

1. Ordering Supplies
   1. Identify realistic RTO value.
   2. Identify realistic RPO value.
   3. Justify the values identified for this business process.
2. Processing Customer Transactions
   1. Identify realistic MTD value.
   2. Identify realistic RPO value.
   3. Justify the values identified for this business process.
3. Creating Security Reports
   1. Identify realistic MTD value.
   2. Identify realistic RTO value.
   3. Justify the values identified for this business process.
4. Tracking Grow Technique Data
   1. Identify realistic RTO value.
   2. Identify realistic RPO value.
   3. Justify the values identified for this business process.
5. Creating Safety Reports
   1. Identify realistic MTD value.
   2. Identify realistic RTO value.
   3. Justify the values identified for this business process.
6. Logging/Tracking Product
   1. Identify realistic MTD value.
   2. Identify realistic RPO value.
   3. Justify the values identified for this business process.