While business impact analysis (BIA) has historically been used to determine availability requirements for business continuity, the process can be extended to provide a broad understanding of the potential impacts of any type of loss on the enterprise mission. Therefore, It is important to continually analyze and understand the enterprise resources that enable enterprise objectives and that can be jeopardized by cybersecurity risks.

The post Managing Enterprise Risk? Using Business Impact Analysis to Inform Risk Prioritization and Response (NIST) appeared first on ComplexDiscovery.