Business Impact Analysis

DRII vs ISACA Business Continuity Plan Comparison

ISACA (Information System Audit and Control Association) and DRII (Disaster Recovery Institute International) are the two organizations that have a competency to release the right procedure and step by step for Business Continuity Management. However, if you see each step from ISACA and DRII, you can find some small differences approach on it. Here is some example:

ISACA Business Continuity
1. Project management and initiation
2. Business impact analysis
3. Recovery strategy
4. Plan design and development
5. Training and awareness
6. Implementation and testing
7. Monitoring and maintenance

According to latest research from AT&T the answer are:

• Nearly 30 percent of U.S. businesses don't consider business continuity planning a priority.
• Two-thirds of IT executives predict that hacking will be the biggest threat in the next five years.
• The next most frequently mentioned threats are internal:
  Accidents — 56 percent
  Sabotage — 47 percent
  Remote workers — 44 percent

Recent natural disaster, such as earth quake or tsunami is true evidence that all business operation need appropriate business continuity management. Today, there are a lot of world standard that could be followed to get the best implementation of business continuity management. From the US standard: NIST SP 800-34 to British Standard 25999. Here is simple comparison between to standard.