IT Risk assessment and impact analysis

The first step in business continuity planning is to do a risk assessment. This helps you to decide which business threats to concentrate on. It involves:

• Identifying the range of threats your business faces
• Assessing their potential impact on the business
• Assessing the likelihood of each threat occurring

Assessing the potential impacts of unexpected events is called impact analysis. You should consider how much your business stands to lose as a result of each possible type of disaster or service disruption. To do this you should identify:

• Your critical business processes
• the potential damage or loss that your business would suffer if any of these services were disrupted

The impact can be measured as follows:

• in hard terms such as financial loss
• in soft terms such as commercial embarrassment or loss of credibility to your business

You should also consider how any damage or loss will increase if the disruption lasts a long time. For example, what would be the impact to your business if your e-commerce site was down for a day rather than an hour? For some businesses this may mean the difference between a temporary loss of revenue and going out of business.

Having determined the impact of each threat, you should decide how likely each threat is to occur. This will help you decide which threats to prioritise in business continuity planning.

For more information on risk assessment or to discuss your requirements, please call 01942 209525.

Speedy Business Systems Limited E & OE Statement
E & OE All Trademarks acknowledged. All prices are correct at time of going to press. All prices are subject to change without notice. All prices exclude VAT. E&OE.. All prices are quoted in Sterling. All offers are subject to availability.