2023 IT Examiner School
Internal Use Only
Risk Assessment (RA) Management should develop a RA that: • Understands the risks to the business;
• Identifies broad range of potential disruptions; and • Clearly defines the operations and services.
The BIA should define recovery priorities and resource dependencies for critical processes
Internal Use Only
Recovery Metrics & Process Prioritization • After completing the BIA, management should establish formal recovery metrics which will be used to prioritize process recovery and design testing scripts
• Metrics should include:
• Recovery Time Objectives (RTOs) • Recovery Point Objectives (RPOs) • Maximum Tolerable Downtimes (MTDs)
Made with FlippingBook - Share PDF online