Add to collection(s) Add to saved
  1. Business
  2. Finance

Business Impact Template

advertisement 
File classification: NOT PROTECTIVELY MARKED
Title: enter service/function name
Business Impact Analysis Template
Directorate:
BIA Owner (Head of Service?)
BCM Contact 1: (Senior Manager?)
BCM Contact 2: (Deputy Manager?)
enter directorate name
enter name
office telephone number
mobile number
enter name
office telephone number
mobile number
enter name
office telephone number
mobile number
Document Version and Status:
enter v.0.00 draft / final
Date of Completion:
enter date
Author:
enter name and contact details
Sign-Off/Approval of Completed BIA
(Head of Service)
signature/name/date
687289283
Page 1 of 8
File classification: NOT PROTECTIVELY MARKED
File classification: NOT PROTECTIVELY MARKED
1.1 Use of this template
The Business Impact Analysis template provides a documented evaluation process for determining continuity and recovery priorities, objectives and targets. The
evaluation process includes assessing the impact that a loss, interruption or disruption might have on the organisations services/functions and key requirements.
A Business Impact Analysis is the precursor to developing a Business Continuity Plan.
Please Note: This template is designed for all service types, multiple service areas or individual services. Managers should determine and agree the
scope of the Business Impact Analysis prior to progressing.
Basic guidance is provided throughout the template. Additional guidance is available in the Business Impact Analysis Template User Guidance document
which forms part of the Business Continuity Management Toolkit published on the LCC ‘InSite’ Website accessible using the link below:
http://insite.leeds.gov.uk/toolkits/Pages/Business-continuity.aspx
All enquiries relating to Business Continuity Management or the Business Continuity Management Toolkit should be made to:
Emergency Planning Unit,
Strategy & Improvement Division,
Strategy & Resources Directorate.
3rd Floor West
Civic Hall
Leeds
LS1 1UR
Telephone: 0113 247 4341
Email: emergency.planning@leeds.gov.uk
This template has been developed using the good practice guidance contained within Business Continuity Management Systems Requirements - BS
ISO 22301:2012.
687289283
Page 2 of 8
File classification: NOT PROTECTIVELY MARKED
File classification: NOT PROTECTIVELY MARKED
1.2 Service Criticality Assessment.
All services are important; however criticality is not based on importance, but on a combination of the potential impact on the service should a loss, interruption or
disruption occur and recovery timescales which together reflect criticality i.e. the services where disruption would have the greatest impact in the shortest
timescale.
Managers completing the service criticality assessment will be able to very quickly determine the criticality of the service and whether to proceed with the
development and implementation of a Business Continuity Plan and associated arrangements.
The following table should be completed by a manager or officer responsible for, or with a good understanding of the service to be assessed. Enter Yes or No
depending on your response to the questions. When answering, consider the wider impact that a loss, interruption or disruption to the service would have i.e. on
service users, customers, the community, partners and suppliers etc.
Question
If the service or function was disrupted, would there be an impact on human welfare?
Consider the impact on the health, safety and wellbeing of staff, clients, customers and the community.
If the service or function was disrupted, would there be an impact on security?
Consider the impact on the safety of staff, clients, customers, the community and buildings and premises.
If the service or function was disrupted, would there be an impact on the environment?
Consider the impact on flora and fauna, waste/recycling, contamination of land and watercourses etc.
If the service or function was disrupted, would there be a financial impact?
Consider loss of revenue, payment of creditors, compensation and incurring of financial penalties etc.
If the service or function was disrupted, would there be a legal impact?
Consider the impact of breaches of statutory duties or regulatory requirements.
If the service or function was disrupted, would there be a reputational impact?
Consider the impact on credibility and public perception of the service and press and media interest.
Does the service or function provide an emergency or civil protection response?
Consider whether the service or function is required to respond to an emergency and take action to reduce, control and
mitigate the effects of the emergency.
If the service or function is disrupted, how quickly
within 0 to 24 hours*
within 24 to 48 hours
would it need to be recovered?
Some services may have greater criticality at certain
times of the year; in such instances opt to use the worstcase scenario.
Yes
No
within 48 hours to 1 week
within 1 week to 1 month
*Services requiring recovery within 0 - 24 hours should specify the exact recovery timescale in hours and minutes.
687289283
Page 3 of 8
File classification: NOT PROTECTIVELY MARKED
File classification: NOT PROTECTIVELY MARKED
1.3 Establishing Key Requirements.
The purpose of establishing key requirements that support delivery of the service is to help understand the impact that a loss, interruption or disruption to such
requirements might have on the service and to inform development of appropriate continuity arrangements for each key requirement.
The following table should be completed by a manager or officer responsible for, or with a good understanding of the service. Enter the key requirements
focussing on those that are essential in supporting delivery of the service.
When completing the key requirements, consideration should be given to general or specific access needs of staff and/or customers (in particular, consider those
characteristics protected by the Equality Act 2012).
Requirements
Key requirements (business as usual)
People
List the number of staff normally required. The list should include
managers, staff and any specific or specialist roles i.e.
contractors and might include specific qualifications.
Buildings, premises and work environment
List the buildings currently occupied. The list should include any
hub and spoke arrangements, off-site stores etc.
Information and communication technology (ICT)
List the key ICT requirements to support the service including
telephony.
Information and data
List the essential electronic or paper-based information or data.
Equipment & consumables
List key equipment and consumables including plant and
machinery, personal protective equipment etc.
687289283
Page 4 of 8
File classification: NOT PROTECTIVELY MARKED
File classification: NOT PROTECTIVELY MARKED
Requirements continued
Current key requirements (business as usual)
Key suppliers (supplies) and partners
List the key suppliers and partners that support the service
internally and externally sourced. This includes those
commissioned to deliver services on behalf of the organisation.
Key supplies might include production components, food
products and utilities etc.
Transportation
List any vehicles used including use of personal vehicles.
687289283
Page 5 of 8
File classification: NOT PROTECTIVELY MARKED
File classification: NOT PROTECTIVELY MARKED
1.4 Risk Assessment
A risk assessment will identify, analyse and evaluate the risk or threat of disruptive incidents to the service and its key requirements as identified in section 1.3
above. For the risks evaluated as requiring treatment, the service shall consider proactive measures that reduce the likelihood, shorten the period and limit the
impact of the disruption on the service. The service shall consider and implement appropriate risk treatments in accordance with its risk appetite i.e. the amount of
risk that the service is prepared to accept will drive the level of action it will take to reduce or control the risks identified.
Using the following table, list the known risks/threats that could cause disruption to the service and its key requirements. Using the risk rating map (appendix A)
calculate a rating (Low, Medium, High or Very High) for each risk (the ratings can be colour coded; green, yellow, amber or red). Consider and enter the risk
treatment or controls that can be taken to reduce the threat of disruption to the service and its key requirements.
Ref
Risk/threat and impact
Rating
L, M, H, VH
Risk treatment (actions to reduce or control the risk)
001
002
003
004
005
006
007
008
687289283
Page 6 of 8
File classification: NOT PROTECTIVELY MARKED
File classification: NOT PROTECTIVELY MARKED
009
010
1.5 Approval
The manager responsible for the service should approve the completed Business Impact Analysis to ensure that the content is appropriate and a true reflection of
the service. The output from the Business Impact Analysis can now be used to inform development of a Business Continuity Plan to:

Protect the organisations most critical services/functions

Stabilise continue, resume and recover critical services/functions, their key requirements, supporting resources and dependencies.

Mitigate, respond to and manage impacts.
The Business Continuity Plan Template and User Guidance are available on the LCC ‘InSite’ Website using the following link:
http://insite.leeds.gov.uk/toolkits/Pages/Business-continuity.aspx
687289283
Page 7 of 8
File classification: NOT PROTECTIVELY MARKED
File classification: NOT PROTECTIVELY MARKED
Appendix A: Risk Rating Map
The risk rating map and use of the probability and impact ratings will provide consistency to the evaluation of the risks identified in section 1.4 above.
Probability
1. Rare
2. Unlikely
3. Possible
4. Probable
5. Almost Certain
Impact
1. Insignificant
2. Minor
3. Moderate
4. Major
5. Highly Significant
I
M
P
A
C
T
5
H
H
VH
VH
VH
4
H
H
H
VH
VH
3
M
M
H
H
H
2
L
L
M
M
M
1
L
L
L
L
L
1
2
3
4
5
PROBABILITY
This is an high-level risk assessment, more detailed risk management guidance, templates and probability and impact matrices can be obtained from the Risk
Management Unit via the link below: http://insite.leeds.gov.uk/toolkits/Pages/Risk-management.aspx
687289283
Page 8 of 8
File classification: NOT PROTECTIVELY MARKED
Related documents
*Perfect Pet* Vocabulary Words
*Perfect Pet* Vocabulary Words
Paper D - Ethical Scenarios - Police and Crime Commissioner for
Paper D - Ethical Scenarios - Police and Crime Commissioner for
channel_referral_form_v2
channel_referral_form_v2
Appendix B - Police Service of Northern Ireland
Appendix B - Police Service of Northern Ireland
userfiles/Weekly Intelligence Briefing 07th January 2016
userfiles/Weekly Intelligence Briefing 07th January 2016
Title slide (36pt bold, white)
Title slide (36pt bold, white)
Career In Teaching (powerpoint) - University of Central Lancashire
Career In Teaching (powerpoint) - University of Central Lancashire
What is the Strategic Alliance
What is the Strategic Alliance
BCH10_001 Joint Scientific Services Policy
BCH10_001 Joint Scientific Services Policy
Sgt Gareth MORGAN Driver Training Manager South
Sgt Gareth MORGAN Driver Training Manager South
Barry Buddon C3 and VERP Presentations
Barry Buddon C3 and VERP Presentations
INVESTIGATIVE INTERVIEWING
INVESTIGATIVE INTERVIEWING
Door Supervisor Top-Up Unit Workbook
Door Supervisor Top-Up Unit Workbook
Evidence Gathering Teams and Non PSU
Evidence Gathering Teams and Non PSU
Somerset Aspiring Leaders Day 4 JLK 200314
Somerset Aspiring Leaders Day 4 JLK 200314
safety
safety
address - Essex Police
address - Essex Police
2.3.2 Lincoln Index
2.3.2 Lincoln Index
Somerset_Aspiring_Leaders_Day_3_final
Somerset_Aspiring_Leaders_Day_3_final
Project Analysis Form
Project Analysis Form
Safety Camera Van Operations - Office of Police and Crime
Safety Camera Van Operations - Office of Police and Crime
H107 Compulsory Retirement of Police Officers Policy (Reg A19)
H107 Compulsory Retirement of Police Officers Policy (Reg A19)
Download
advertisement