March 18th, 2019 
adminComplete theLab #7Exercises from your Student Lab Manual.
Because we can complete these labs on any machine; You may skip steps 1-4 of the Lab Exercises as they deal with setup actions for your environment if you were using the publisher’ lab environment.
For Step 5 you may choose your own Industry Vertical to work from. These Choices are also listed in the Student Lab Manual:
a. Healthcare provider under HIPPA compliance law
b. Regional bank under GLBA compliance law
c. Nationwide retailer under PCI DSS standard requirements
d. Higher-education institution under FERPA compliance law
Then continue with Steps 6-11 in the Lab and complete the Deliverables as assigned below.
Deliverables
Upon completion of Lab #7 – Perform a Business Impact Analysis for a Mock IT Infrastructure students
are required to provide the following deliverables as part of this lab:
Do Complete
1. Lab #7 Assessment Worksheet Part A – BIA of business functions and operations
2. Lab #7 Assessment Worksheet Part B – Business Impact Analysis Executive Summary
Do NOT Complete:
3. Lab #7 – Assessment Questions and Answers
SUBMIT ONLY YOUR EXECUTIVE SUMMARY BIA FOR GRADING
Evaluation Criteria and Rubrics
The following are the evaluation criteria and rubrics for Lab #7 that the students must perform:
Laboratory #7
Lab #7: Perform a Business Impact Analysis for a Mock IT Infrastructure
Learning Objectives and Outcomes
Upon completing this lab students will be able to:
Define the goal and objective of a Business Impact Analysis (BIA)
Identify where a Business Impact Analysis (BIA) fits within a Business Continuity Plan (BCP)
Perform a Business Impact Analysis (BIA) utilizing a qualitative assessment approach
Create a Business Impact Analysis executive summary report for management
Required Setup and Tools
This is a paper-based lab and does not require the use of a mock IT infrastructure or virtualized server farm.
The standard Instructor and Student VM workstation with Microsoft Office 2007 or higher is required for this lab. Students will need access to their completed Lab #4 Assessment Worksheet Part A Perform a Qualitative Risk Assessment for an IT Infrastructure prioritizing the risks threats and vulnerabilities identified from the qualitative risk assessment.
In addition Microsoft Word is a required tool for the student to craft a BIA utilizing a qualitative assessment approach to prioritize mission critical applications data and IT systems and elements that are required to maintain business continuity. An executive summary report is also required for management along with answering and submitting the Lab #7 Assessment Worksheet questions.
Recommended Procedures Lab #7 Student Steps:
Student steps needed to perform Lab #7 – Perform a Business Impact Analysis for an IT Infrastructure:
Connect your removable hard drive or USB hard drive to a classroom workstation.
Boot up your classroom workstation and DHCP for an IP host address.
Login to your classroom workstation and enable Microsoft Word.
Review Figure 2 Mock IT Infrastructure.
Copyright 2013 Jones & Bartlett Learning LLC an Ascend Learning Company
www.jblearning.com
All Rights Reserved.
Identify mission critical applications and access to data requirements for a given scenario
-46-
Current Version Date: 05/30/2011
Student Lab Manual
5. Identify the scenario/vertical industry you were provided in Lab #4 – assigned by your Instructor:
Healthcare provider under HIPPA compliance law
Regional bank under GLBA compliance law
Nationwide retailer under PCI DSS standard requirements
d. Higher-education institution under FERPA compliance law
Conduct a BIA by assigning a qualitative business impact value for each identified business functions and operations: Critical Major or Minor or None.
From this prioritization identify the IT systems applications and resources that are impacted. Assess the recovery time objectives needed for the IT systems applications and resources. Complete Lab #7 Assessment Worksheet Part A BIA Process Flow Sheets and Part B Assessment Questions.
Craft a four-paragraph executive summary according to the following outline:
Goals and purpose of the BIA unique to your scenario
Summary of Findings business functions and assessment
Prioritizations critical major and minor classifications
IT systems and applications impacted – to support the defined recovery time objectives
Work on Lab #7 Assessment Worksheet and Questions and submit with your executive summary.
Deliverables
Upon completion of Lab #7 – Perform a Business Impact Analysis for a Mock IT Infrastructure students are required to provide the following deliverables as part of this lab:
Lab #7 Assessment Worksheet Part A – BIA of business functions and operations
Lab #7 Assessment Worksheet Part B – Business Impact Analysis Executive Summary
Lab #7 – Assessment Questions and Answers
Evaluation Criteria and Rubrics
The following are the evaluation criteria and rubrics for Lab #7 that the students must perform:
Was the student able to define the goal and objective of a Business Impact Analysis (BIA)?
[20%]
Was the student able to identify where a Business Impact Analysis (BIA) fits within a Business
Continuity Plan (BCP)? [20%]
Copyright 2013 Jones & Bartlett Learning LLC an Ascend Learning Company Current Version Date: 05/30/2011
www.jblearning.com
All Rights Reserved.
6.
7. 8. 9.
10.
11.
-47-
Student Lab Manual
3. Was the student able to identify mission critical applications and access to data requirements for a given scenario? [20%]
Was the student able to perform a Business Impact Analysis (BIA) utilizing a qualitative assessment approach? [20%]
Was the student able to create a Business Impact Analysis executive summary report for management? [20%]
Copyright 2013 Jones & Bartlett Learning LLC an Ascend Learning Company Current Version Date: 05/30/2011
www.jblearning.com
All Rights Reserved.
-48-
1. Performa BIA assessment and fill in the following chart:
Business Function Business Impact Recovery Or Process Factor Time Objective
IT Systems/Apps Infrastructure Impacts
Student Lab Manual
Lab #7: Assessment Worksheet
Part A Perform a Business Impact Analysis for an IT Infrastructure
Course Name: _____________________________________________________________ Student Name: _____________________________________________________________ Instructor Name: ___________________________________________________________ Lab Due Date: _____________________________________________________________
Overview
When performing a BIA you are trying to assess and align the affected IT systems applications and resources to their required recovery time objectives (RTOs). The prioritization of the identified mission critical business functions will define what IT systems applications and resources are impacted. The RTO will drive what kind of business continuity and recovery steps are needed to maintain IT operations within the specified time frames.
Internal and external voice communications with customers in real-time
Internal and external e-mail communications with customers via store and forward messaging
DNS for internal and external IP communications
Internet connectivity for e- mail and store and forward customer service
Self-service website for customer access to information and personal account information
Copyright 2013 Jones & Bartlett Learning LLC an Ascend Learning Company
www.jblearning.com
All Rights Reserved.
Current Version Date: 05/30/2011
-49-
Part B Craft a Business Impact Analysis Executive Summary
Craft a BIA executive summary follow this structure and format:
Goals and purpose of the BIA unique to your scenario
Summary of Findings business functions and assessment
Prioritizations critical major and minor classifications
IT systems and applications impacted – to support the defined recovery time objectives
Student Lab Manual
e-Commerce site for online customer purchases or scheduling 24x7x365
Payroll and human resources for employees
Real-time customer service via website e-mail or telephone requires CRM
Network management and technical support
Marketing and events
Sales orders or customer/ student registration
Remote branch office sales order entry to headquarters
Voice and e-mail communications to remote branches
Accounting and finance support: Accts payable Accts receivable etc.
Copyright 2013 Jones & Bartlett Learning LLC an Ascend Learning Company Current Version Date: 05/30/2011
www.jblearning.com
All Rights Reserved.
-50-
Student Lab Manual
Lab #7: Assessment Worksheet
Perform a Business Impact Analysis for an IT Infrastructure
Course Name: _____________________________________________________________ Student Name: _____________________________________________________________ Instructor Name: ___________________________________________________________ Lab Due Date: _____________________________________________________________
Overview
After completing your BIA report for your scenario and IT infrastructure answer the following Lab #7 Assessment Worksheet questions. These questions are specific to your BIA you performed for your scenario and IT infrastructure. Justify your answers where needed.
Lab Assessment Questions
What is the goal and purpose of a BIA?
Why is a business impact analysis (BIA) an important first step in defining a business continuity plan (BCP)?
How does risk management and risk assessment relate to a business impact analysis for an IT infrastructure?
What is the definition of Recovery Time Objective (RTO)? Why is this important to define in an IT Security Policy Definition as part of the Business Impact Analysis (BIA) or Business Continuity Plan (BCP)?
Copyright 2013 Jones & Bartlett Learning LLC an Ascend Learning Company Current Version Date: 05/30/2011
www.jblearning.com
All Rights Reserved.
-51-
Business Continuity Plan Disaster Recovery Plan Risk Management Plan Business Impact Analysis
: _______ : _______ : _______ : _______
Posted in Uncategorized