WeChat official account: 业务连续性+

Business impact analysis examples

[Preface: This article is a Chinese-English side-by-side translation of Annex D "Examples for performing a BIA" of ISO/TS 22317:2021 Security and resilience – Business continuity management systems – Guidelines for business impact analysis, provided for reference.]

1. Example 1 — Estimate product and service MTPD, then use it to estimate activity MTPD and set RTO

1.1 General

This example presents forms that can be used to record top management’s decisions on the priorities for the delivery of products and services (see Table 1). These are then used to prioritize the organization’s activities and resources (see Tables 3 to 7).

The steps are as follows:
a) define the MTPD threshold for each impact type;
b) document the products and services and estimate their respective MTPD;
c) for each product and service, document the activities, identify their MTPD and set their RTO;
d) for each activity, document the resources;
e) consolidate resource requirements across all activities.

1.2 Step 1 — Define MTPD threshold for each impact type

Complete an impact table (see Table 1) with the description of impacts and the defined MTPD threshold as agreed by top management.

Table 1 — MTPD impact table

1.3 Step 2 — Document products and services and estimate their respective MTPD

The product and service BIA form (see Table 2) presents the organization’s identified products and services. For each product and service, top management determines the threshold for the agreed impact types (see Table 1) and selects the lowest MTPD value across the impact types.

Table 2 — Product and service BIA form

1.4 Step 3 — For each product and service, document the activities, identify their MTPD and set their RTO

The activity BIA form (see Table 3) presents the activities required to deliver each product and service. The activity RTO should be set within the activity MTPD. This example assumes that, for this service, all three activities need to be resumed within the service MTPD.

Table 3 — Activity BIA form

1.5 Step 4 — For each activity, document the resources

The resource BIA form (see Table 4) presents the resources required by each activity. There is one table for each activity (an activity can be involved in delivering more than one product and service). The contents of this form vary according to the nature of the organization’s resource requirements.

Table 4 — Resource BIA form

Tables 5, 6 and 7 are examples of how to document some resource requirements.

1.6 Step 5 — Consolidate resource requirements across all activities

When identifying resource requirements, the earliest activity RTO is selected (see Tables 5, 6 and 7). The resources can be accumulated across all activities; they can also be tabulated by business unit or location.

Table 5 — Cumulative staff numbers required over time

Table 6 — List of applications required with their RTO and RPOs

Table 7 — List of suppliers and their resource RTO
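A worked consolidation of Step 5, as an added example that is not from the standard or this article: three constructed resource BIA forms (activity RTO, staff per business unit and location, applications with their RPO, suppliers) are rolled up into the views of Tables 5 to 7, adopting the earliest activity RTO for each shared resource. Activity names, time frames and all figures are constructed.

```python
# Example 1 Step 5 worked through: consolidate the per-activity resource BIA forms (Step 4)
# into organization-wide views like Tables 5 to 7. Constructed data, not the standard's.

TIME_FRAMES = [("1 d", 24), ("3 d", 72), ("1 wk", 168), ("2 wk", 336)]  # assumed columns, in hours

# Constructed resource BIA forms, one per activity: its RTO (Step 3) in hours, the staff it
# needs per (business unit, location), its applications with the RPO it can tolerate (hours),
# and its suppliers.
RESOURCE_FORMS = {
    "Customer Help Desk": {"rto": 24, "staff": {("Support", "Site A"): 12},
                           "applications": {"CRM": 4, "Email": 24}, "suppliers": ["Telco"]},
    "Accounts Payable": {"rto": 168, "staff": {("Finance", "Site B"): 4},
                         "applications": {"ERP": 24, "Email": 168}, "suppliers": ["Bank"]},
    "Order Entry": {"rto": 72, "staff": {("Sales", "Site A"): 6},
                    "applications": {"ERP": 24, "CRM": 72}, "suppliers": ["Telco", "Courier"]},
}

def cumulative_staff(forms=RESOURCE_FORMS, time_frames=TIME_FRAMES):
    """Table 5 analogue: headcount needed by each time frame, accumulated over the activities
    whose RTO falls within that frame, keyed by (business unit, location)."""
    table = {}
    for form in forms.values():
        for key, headcount in form["staff"].items():
            row = table.setdefault(key, [0] * len(time_frames))
            for i, (_, hours) in enumerate(time_frames):
                if form["rto"] <= hours:
                    row[i] += headcount
    return table

def application_requirements(forms=RESOURCE_FORMS):
    """Table 6 analogue: per application, the earliest activity RTO and the tightest RPO."""
    apps = {}
    for form in forms.values():
        for app, rpo in form["applications"].items():
            rto_prev, rpo_prev = apps.get(app, (form["rto"], rpo))
            apps[app] = (min(rto_prev, form["rto"]), min(rpo_prev, rpo))
    return apps

def supplier_requirements(forms=RESOURCE_FORMS):
    """Table 7 analogue: per supplier, the earliest RTO of any activity that depends on it."""
    suppliers = {}
    for form in forms.values():
        for supplier in form["suppliers"]:
            suppliers[supplier] = min(suppliers.get(supplier, form["rto"]), form["rto"])
    return suppliers
```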

2. Example 2 — Identify MTPD and set RTO

2.1 General

The following example shows how criteria can be defined in advance and applied across the organization to ensure consistency when:
— top management estimates the MTPD for products and services;
— activity owners identify the MTPD and set the RTO for activities.

The steps are as follows:
a) document and approve an impact matrix;
b) define and approve time frames for assessing impacts;
c) determine and approve criteria for product and service as well as activity MTPD and activity RTO;
d) estimate and approve the MTPD for each group of products and services;
e) identify the MTPD and set the RTO for each activity.

2.2 Step 1 — Document and approve impact matrix

An impact matrix (see Table 8) needs to be completed with the description of impacts and the criteria for each as agreed by top management.

Table 8 — Impact level matrix approved by top management

2.3 Step 2 — Define and approve time frames for assessing impacts

The time frames given in Table 9 have been defined for the purpose of this example.

Table 9 — Worksheet with agreed time frames

2.4 Step 3 — Determine and approve criteria for product and service as well as activity MTPD and activity RTO

Based on the information in Table 9, top management has agreed the following:
— the MTPD is when the impact level reaches 4;
— the RTO is set at a time when the impact level is not greater than 3.

2.5 Step 4 — Estimate and approve MTPD for each product and service

The BIA leader meets with top management and asks the following for each product and service:
— the interested parties who would be affected by the disruption and the main concerns related to the delivery of the product or service, as this gives an idea of the impacts to be discussed;
— the time of the day/month/year, peak periods or circumstances when a disruption would result in the greatest impact (worst case), as this worst case is used for the following discussion;
— the impacts of disruption to the delivery of the product or service for each of the agreed time frames, challenging the answers as needed;
— the planned changes related to the product or service that can influence these impacts in the short to medium term.

During the meeting, the worksheet (see Table 10) is completed as follows:
— document the product or service name;
— document the worst case;
— start with the first impact type and, for each “Impact over time” column, record the impact level using the impact matrix (see Table 8);
— repeat for subsequent impact types;
— record the largest value of each column on the “Product or service impact” row;
— record, at the bottom of the worksheet, the time frame at which the product or service impact reaches the MTPD, to define the result.

Table 10 — Completed product and service worksheet

2.6 Step 5 — Identify MTPD and set RTO for each activity

In a similar way, the BIA leader meets with the activity owner and asks the following for each activity:
— the output for each product or service delivered;
— the interested parties who would be affected by the disruption;
— the time of the day/month/year, peak periods or circumstances when a disruption would result in the greatest impact (worst case), as this worst case is used for the following discussion;
— the impacts of disruption for each of the agreed time frames, challenging the answers as needed.

During the meeting, the worksheet (see Table 11) is completed as follows:
— document the activity name and its description;
— document the worst case;
— start with the first impact type and, for each “Impact over time” column, record the impact level using the impact matrix (see Table 8);
— repeat for subsequent impact types;
— record the largest value of each column on the “Activity impact” row;
— record, at the bottom of the worksheet, the time frame at which the activity impact reaches the MTPD and the time frame at which the RTO is set, to define the result;
— make sure that the activity RTO has been set within the activity MTPD.

Table 11 — Completed activity worksheet
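The Step 3 to Step 5 logic worked through in code, as an added example that is not from the standard or this article: constructed impact levels per impact type over assumed time frames give the impact row, the MTPD (first time frame at level 4) and the RTO (latest time frame at which the level is still not greater than 3), together with the Step 5 check that the RTO lies within the MTPD.

```python
# Example 2 worksheet logic (Steps 3 to 5): impact levels per impact type over the agreed
# time frames, the "impact" row, the MTPD and the RTO. Constructed data, not the standard's.

MTPD_LEVEL = 4      # the MTPD is when the impact level reaches 4
RTO_MAX_LEVEL = 3   # the RTO is set at a time when the impact level is not greater than 3

TIME_FRAMES = ["4 h", "1 d", "3 d", "1 wk", "2 wk"]  # assumed agreed time frames (Step 2)

# Constructed worksheet for one activity: impact level 0..5 for each impact type over time.
WORKSHEET = {
    "Financial":  [0, 1, 2, 3, 4],
    "Reputation": [1, 2, 3, 4, 5],
    "Legal":      [0, 0, 1, 2, 3],
}

def impact_row(worksheet):
    """The "Activity impact" (or "Product or service impact") row: largest level per column."""
    return [max(column) for column in zip(*worksheet.values())]

def identify_mtpd(row, time_frames, mtpd_level=MTPD_LEVEL):
    """First time frame at which the impact row reaches the MTPD level, or None if never."""
    for frame, level in zip(time_frames, row):
        if level >= mtpd_level:
            return frame
    return None

def set_rto(row, time_frames, rto_max_level=RTO_MAX_LEVEL):
    """Latest time frame before the impact level first exceeds rto_max_level, or None."""
    rto = None
    for frame, level in zip(time_frames, row):
        if level > rto_max_level:
            break
        rto = frame
    return rto

def rto_within_mtpd(rto, mtpd, time_frames):
    """The check from Step 5: the activity RTO has to be set within the activity MTPD."""
    if mtpd is None:
        return True            # impact never reaches the MTPD level in the frames assessed
    return rto is not None and time_frames.index(rto) < time_frames.index(mtpd)

def evaluate(worksheet=WORKSHEET, time_frames=TIME_FRAMES):
    """Run the worksheet through the three steps and report the result."""
    row = impact_row(worksheet)
    mtpd = identify_mtpd(row, time_frames)
    rto = set_rto(row, time_frames)
    return {"impact_row": row, "mtpd": mtpd, "rto": rto,
            "rto_ok": rto_within_mtpd(rto, mtpd, time_frames)}
```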

3. Example 3 — Validate activity RTO with trend analysis

While facilitating the BIA, the BIA leader may recognize inconsistencies in the way some activity owners have set their RTOs. This can occur because the activity owner:
— misinterprets the meaning of the impact type criteria;
— is new to the business unit and does not fully appreciate the impact of disruption;
— confuses the urgency of the activity with its importance;
— is influenced by personal biases, creating a view that is inconsistent with that of other activity owners across the organization.

The following provides a technique, using trend analysis, to highlight RTO inconsistencies so that the BIA leader can discuss and further explore the activity owner’s rationale for setting the RTO. Such a conversation can lead to the activity owner reconsidering the RTO.

Activity owners complete the impact rating table (see Table 12) for each of their activities as part of the process for setting the RTO. The result is an RTO and an impact rating for each activity.

Table 12 presents the impact rating table used to calculate the impact rating for each activity. The key parameters are:
— the time frames over which the impact of a disruption is considered;
— the impact types (see Table 3 [1]) and their levels of impact (i.e. 0 to 5, where 0 indicates no impact at all), used to consider the magnitude of impact at each time frame.

Table 12 — Impact rating table

Start with the first impact type (in this example, “Financial”). If the activity is disrupted and the delivery of the product or service to the interested parties is delayed by the first time frame (i.e. 1 day), select the closest level of financial impact described in the impact matrix (see Table 3 [2]) and mark the corresponding cell in Table 12 under that level of impact. Then consider the financial impact for each of the subsequent time frames, and repeat this process for each of the other impact types.

Based on the sample impact rating table (see Table 12), with six impact types and three time frames, there are 18 responses, from which an impact rating in the range 0 to 90 is derived.

The following examples (see Tables 13 and 14) present the results for two activities, each given a three-day RTO by its activity owner:
— Customer Help Desk (see Table 13), with an impact rating of 39;
— Accounts Payable (see Table 14), with an impact rating of 14.

In this example the impact ratings differ considerably, suggesting that the Customer Help Desk would deliver a far greater magnitude of impact than Accounts Payable, even though their respective activity owners have set the RTO at the same point in time.

Table 13 — Impact rating table for Customer Help Desk

Table 14 — Impact rating table for Accounts Payable

Determining whether the Customer Help Desk should have a shorter RTO, or whether Accounts Payable should have a longer RTO, requires a holistic review of the relationship between RTO and impact rating for all activities within the BCMS scope.

When all activities in the BCMS scope have their RTO set and their impact rating calculated, a worksheet can be created with the following columns of data:
— business unit;
— business activity;
— activity owner;
— the RTO, used as the primary sort in ascending order;
— the impact rating, used as the secondary sort in descending order.

Then the RTO and impact rating columns are selected and a scatter graph is created to see the trend line that best fits the data, as shown in Figure 1.

Figure 1 — RTO scatter graph and impact rating trend line

Key
X RTO (days)
Y impact rating
1 Customer Help Desk
2 Accounts Payable
NOTE 1 The dots present the RTO/impact rating position of each activity.
NOTE 2 The line presents the trend of the RTO/impact rating dots. The dots do not have to lie exactly on the trend line; a confidence margin can be allowed, e.g. an impact rating of ±5 to 10.

Dots representing activities well above the trend line indicate that the activity owner has either set the RTO too late on the timeline or overestimated the magnitude of impact in the impact rating table. For example, consider the Customer Help Desk:
— if there is great confidence that the impact rating appropriately reflects the true magnitude of impact, then the RTO should move left towards the trend line and be reset towards 1 day;
— if, however, there is great confidence that the RTO reflects a pragmatic recovery time frame, then the impact rating should be reassessed by redoing the impact rating table (see Table 12) to bring the impact rating down toward the trend line, i.e. towards an impact rating of 28.

Conversely, dots representing activities well below the trend line indicate that the activity owner has either set the RTO too early on the timeline or underestimated the magnitude of impact in the impact rating table. For example, consider Accounts Payable:
— if there is great confidence that the impact rating appropriately reflects the true magnitude of impact, then the RTO should move right towards the trend line and be reset towards 11 days;
— if, however, there is great confidence that the RTO reflects a pragmatic recovery time frame, then the impact rating should be reassessed by redoing the impact rating table (see Table 13) to raise the impact rating up toward the trend line, i.e. towards an impact rating of 28.

It is important to remember that this technique should not force the activity owner to change the result. It is designed to highlight that their RTO needs a review because it is not consistent with the thoughts and requirements of other activity owners. The BIA leader should always remember that the choice of RTO is the responsibility of the activity owner.

This methodology can be scaled to suit each organization. For example:
— there can be more or fewer than six impact types;
— impact types can be weighted, e.g. if reputation has twice the impact of legal, the reputation subscore in the impact rating table can be doubled;
— the scale of impact type metrics can have more or fewer than six levels;
— there can be more time frames.
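The trend-analysis technique of Example 3 in code, as an added example that is not part of the standard or this article: the impact rating is summed over the 18 cells (with the optional per-type weighting just described), a least-squares trend line is fitted over all activities, and activities outside a confidence margin of the line are flagged with the reading given above. All activity data is constructed, apart from the RTO and ratings quoted for Customer Help Desk and Accounts Payable.

```python
# Example 3 worked through: impact rating per activity, then the RTO trend check.
# Constructed data; only the two named activities and their figures come from the text.

TIME_FRAMES = ["1 d", "3 d", "1 wk"]  # three time frames, the first being 1 day

# Constructed impact rating table for Customer Help Desk: level 0..5 per impact type per time frame.
HELP_DESK_TABLE = {
    "Financial": [1, 2, 3], "Reputation": [2, 3, 4], "Legal": [0, 1, 2],
    "Operational": [2, 3, 4], "Customer": [2, 3, 4], "Staff": [1, 1, 1],
}

def impact_rating(table, weights=None):
    """Sum over every (impact type, time frame) cell (0..90 for six types and three frames);
    weights scale a type's subscore, e.g. {"Reputation": 2} doubles the reputation subscore."""
    weights = weights or {}
    total = 0
    for impact_type, levels in table.items():
        if len(levels) != len(TIME_FRAMES) or not all(0 <= lv <= 5 for lv in levels):
            raise ValueError(f"bad levels for {impact_type}: {levels}")
        total += weights.get(impact_type, 1) * sum(levels)
    return total

# Constructed worksheet rows (activity, RTO in days, impact rating) across the BCMS scope.
ACTIVITIES = [
    ("Payroll", 1, 36), ("Order Entry", 2, 32), ("Customer Help Desk", 3, 39),
    ("Accounts Payable", 3, 14), ("Warehouse", 5, 20), ("Procurement", 7, 12),
]

def trend_line(points):
    """Least-squares line rating = a + b * rto through (rto_days, rating) points."""
    n = len(points)
    mx = sum(x for x, _ in points) / n
    my = sum(y for _, y in points) / n
    sxx = sum((x - mx) ** 2 for x, _ in points)
    b = sum((x - mx) * (y - my) for x, y in points) / sxx
    return my - b * mx, b

def flag_outliers(activities=ACTIVITIES, margin=10):
    """Activities whose rating lies more than `margin` above or below the trend line."""
    a, b = trend_line([(rto, rating) for _, rto, rating in activities])
    flagged = []
    for name, rto, rating in activities:
        gap = rating - (a + b * rto)   # positive: above the line
        if gap > margin:
            flagged.append((name, "above trend: RTO set too late or impact overestimated"))
        elif gap < -margin:
            flagged.append((name, "below trend: RTO set too early or impact underestimated"))
    return flagged
```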


This official account (ID: bcmplus) is dedicated to spreading knowledge of business continuity and operational resilience; readers interested in business continuity, emergency and crisis management are welcome to follow it.


[1] This Table 3 refers to Table 3 of ISO/TS 22317:2021, not Table 3 of this document (i.e. Annex D).
[2] This Table 3 refers to Table 3 of ISO/TS 22317:2021, not Table 3 of this document (i.e. Annex D).

Originally published on the WeChat official account “业务连续性+” | Original link