Security: Impact Business Analysis - Paiet/Tech-Journal-for-Everything GitHub Wiki

  • Impact
    • Life
    • Property
    • Safety
    • Finance
    • Reputation
  • Mission-essential functions
    • Can be services, products, or operations
    • Is there any chance of a financial loss
    • Are there any dependancies
    • Do any of these components require high availability
    • Are there any legal ramifications, litigations?
    • Cannot collect payments.
    • Cannot record/process payments
    • Cannot process credit cards
    • Cannot track/record, merchandise
    • Cannot ship products
  • Identification of critical systems
    • Power Grids, Backup power, UPS
    • Cabling, Network devices, ISPs
    • Security Systems(physical, logical..ie, firewalls, IDS/IPS)
    • Data Centers, Databases, Storage Solutions
    • Environmental Control Systems
    • System, Vendor and inter-departmental dependancies
  • Single point of failure
  • Privacy threshold assessment
    • This form is used to determine whether a Privacy Impact Assessment is required
    • Privacy Threshold Analysis helps to determine if the data in the information system include information about individuals
    • Identify programs and systems that are privacy-sensitive
    • Demonstrate the inclusion of privacy considerations during the review of a program or system
    • Provide a record of the program or system and its privacy requirements at the Department's Privacy Office
    • Demonstrate compliance with privacy laws and regulations
  • Privacy impact assessment
    • A company needs to have safeguards in place to protect customer and employee information
    • Providing information about the companies compliance with current PII standards
    • How is information collected, stored, protected, shared and managed
    • Show a couple privacy Agreement
  • MTBF
    • Meantime between failure is basic measurement about reliability of a system component
    • Total uptime/ number of failures
    • Can be developed based on:
      • Stress testing
      • Experience
      • Statistical Analysis
      • Minutes of downtime can cost tremendously
      • Effects availability
  • MTTR
    • Meantime to repair is a basic measurement of the time it takes to repair a component after failure.