ABSTRACT
Performing a business impact analysis (BIA) involves going a step further in ascertaining what impact the risks can have on the sustained availability of the business. A BIA may be used for multiple purposes, but it is always undertaken at the behest of top management. BIA can be used in governance for management, monitoring, and oversight for internal audit and for gap analysis and compliance checking as a part of external audit. In a highly-dispersed organization with offices all around the country and also overseas offices, the BIA scope needs to be well defined. Business resilience is a subject of almost all major regulators in the financial services, banking insurance, and other sectors. In organizations where a level of awareness and understanding of BIA requirements exists, a control self-assessment (CSA) can be conducted before the BIA as a preparedness measure.
