The OGO Blog

What are the Goals When Conducting a Business Impact Analysis (BIA) for a Credit Union?

If you are responsible for conducting or reviewing a Business Impact Analysis or BIA, and you want to identify the key goals, then this post is for you.

Before you go and conduct your BIA, it is essential to define your goals so that you will have a clear measure of success. The BIA is an essential part of any Business Continuity or Disaster Recovery Plan. It is also the first and one of the most important steps.

A BIA is designed to analyze and predict the consequences of disrupting a business process and provide critical information required to provide recovery strategies.

Business Process

In our experience, most Credit Unions have between 75 and 150 distinct business processes. This is quite different than a typical business where we see between 15 and 20. Credit Unions are much more complex than most small businesses and rely on a large number of IT systems and third-party suppliers to deliver their services. Some examples of business processes we regularly see at Credit Unions are:

  • ACH (Payroll)
  • Share Draft Processing (check processing)
  • Auto Lending
  • Mortgage Lending
  • Cash Replenishment
  • Accounts Payable
  • Collections
  • For a comprehensive list please e-mail us at info@ongoingoperations.com

Goals

  • Establish a solid foundation for your planning process
  • Meet regulatory and audit requirements
  • Senior management support (build consensus for what is most important)
  • Top ranked risk items with plans to protect, assign, accept or eliminate the threat
  • Creation of an IT recovery plan that uses the outcome of the BIA to establish a priority for recover

Key Items to Identify

  • Critical business activities and the impact of an extended business interruption
  • Critical information, systems, facilities, and communications resources
  • The most efficient structure and scope of effort for the plan – Worst case financial risk scenario

It is important to note that a BIA is simply the first step. After that, you will need to conduct a Risk Assessment which will help you determine which threats are most likely and then identify potential remediation steps.

Are you concerned about how to calculate the potential risk from a disaster? Are you looking for best practices or a standardized methodology? Do you know if you are spending too much or too little on Disaster Recovery? If you have these or other questions please e-mail us at info@ongoingoperations.com

Or  – fill out the short form below and an OGO expert will contact you shortly: