Business impact analyses can be used to model the operations of the company and the business effects that may occur in case of any damages thereto.
- Business impact analyses and asset item records, with operating dependencies (Governance module)
SeCube’s modular structure also supports partial modular use based on requirements.
The Inventory supports the recording of business processes, managed data groups, IT systems, and their operating and dependency relations. The record model can even be customized at the field level.
Business Impact Analysis
In the Governance module, the designated responsible users can carry out Availability, Confidentiality, and Integrity, based business impact analyses on this operating model with the involvement of business responsible persons. Potential damage impacts due to business process, system or data asset failures can be assessed based on material and immaterial assessment standards for the company. The aspect of damage effects (material damages, damages to goodwill, legal consequences, personal injury, etc.) and their textual interpretation can be fully tailored to the company and its environment. Public administration (Information Security Act), market, and GDPR-specific damages table templates are also available.
Resource CIA classification
The impact value of all your assets can be classified on the basis of this analysis. Resources can be classified according to customizable CIA security levels. Classification may be manual or based on parameterizable rules calculated on the basis of BIA results.
The BIA analysis results are inherited along the lines of Inventory dependency relations, and they can be sorted into lists and are used for numerous other functions:
- Resource classification
- Identification of the vulnerability of certain asset elements, with a display of time
- Finding faults with the biggest impacts
- Consequences of simulated events
- Risk analysis effect data
- BCM recovery time objectives (RTO, MTPD)