About

Understanding your assets and their importance for your business is fundamental to security; without this knowledge, effective and efficient protection is impossible. A Business Impact Analysis (BIA) will help you to gain a full overview of your mission critical assets and which organisational processes they enable or support. Furthermore it provides you with the understanding of what could happen to your organisation in the event of a Cyber related incident that causes a significant outage of these assets. An IT Business Continuity Plan (IT BCP) will ensure you have a plan in place to adequately continue your business activities as well as to recover from a disruptive event.

How we can help

Pākiki can provide consultancy that consists of:

• Reviewing your asset register.
• Mapping assets to business processes and functions.
• Understanding assets’ criticality for the organisation.
• Understanding critical assets’ related risks and disruptive events.
• Assessing the impact of asset(s) disruption to the business.
• Identification of continuity and recovery priorities as well as resource requirements.
• Developing an IT Business Continuity Plan.

Methodology

The particular methodology will vary depending on your needs, however broadly speaking the methodology is:

• Information Gathering: Identifying and understanding your current IT and information assets with related details and their importance to the business.
• Impact assessment: Determining and understanding impacts to the business in the event where one or multiple IT and information assets become unavailable .
• IT Business Continuity Planning: Developing a plan, based on the results from the previous phases, that enables the continuity of the business during a significant IT outage, and supports the ordered recovery and restoration of IT and information assets in accordance with their availability requirements and importance for the organisation .

The assessment will be based on a Protective Security Requirements (PSR) control checklist combined with the CIS Service Provider Management Control and respective safeguards (IG3).

Get in touch

We’d love to hear more about your organisation, and to discuss how we can help.