A company’s chief information officer (CIO) has analyzed the financial loss associated with the
company’s database breach. They calculated that one single breach could cost the company
$1,000,000 at a minimum. Which of the following documents is the CIO MOST likely updating?
A.
Succession plan
B.
Continuity of operation plan
C.
Disaster recovery plan
D.
Business impact analysis
Explanation:
Business impact analysis (BIA) is the process of evaluating all of the critical systems in an
organization to define impact and recovery plans. BIA isn’t concerned with external threats orvulnerabilities; the analysis focuses on the impact a loss would have on the organization. A BIA
comprises the following: identifying critical functions, prioritizing critical business functions,
calculating a timeframe for critical systems loss, and estimating the tangible impact on the
organization.