You need to do a Business Impact Analysis for the systems at that location.
First you need to determine what applications run from there, then find out from applications support which departments within the company use these apps.
Then you will need to talk to the management of these departments (and these could be located anywhere within the corporate structure) to determine what the impacts are to that department if the app. is unavailable. These impacts can be financial, or impacting the ability to provide product, retain market share, process payroll or accounts receivable / payable, meet regulatory requirements etc. The impacts will usually increase over time - i.e. and hour or two is a minimum impact in many cases, but a day or two is a much greater impact.
You should also determine from the App. support people if there are any interdependencies between systems, so an app with a low impact could feed data to a higher-impact application that cannot continue processing without it, making the low-impact app just as critical to the overall operation.
Once you have the information summarize it in a spreadsheet or a report, tabulating the direct financial impacts, but not forgetting the "soft" impacts such as customer satisfaction, corporate reputation etc.
Be smarter than spam. See how smart SpamGuard is at giving junk email the boot with the All-new Yahoo! Mail
Our company has just merged with another larger company of the same type. We are a chain of retail/wholesale auto parts stores. I have been asked to determine...
Good Morning Bill That is a difficult problem. First, I suggest conducting a BIA to determine which applications directly impact/generate revenue, to include...
I agree with Bob Cohen on where to start, but you may want to have the requestor of the downtime figures explain more about what they are looking for. Being...
You need to do a Business Impact Analysis for the systems at that location. Â First you need to determine what applications run from there, then find out from...
Thank you all for your responses to my request for help on this. Your responses were great and extremely helpful. Is anyone else in disbelief that we are...
I read BSI 25999-1 and BSI 25999-2. I found them both lacking in everything but price. For my money, NFPA 1600 (and variations on that theme) do a better...
John I completely agree with you. If ASIS is going through this (in my opinion) unnecessary effort because they feel NFPA isn't auditable, seems to me their...
What is it with this "one size fits all" mentality we are developing? Like the organisations, and sub sections within these organisations, that we service,...
A few questions I'd like to pose to the forum based on what others think about the flurry of Standards being developed. 1 .. Will BCM become a better value...
Rather than a point by point response, I'd like to share my 2 cents on the subject of BCP standards both as an auditor and as a practitioner. First of all,...
Thanks to everyone who took the time to provide their views and input into this discussion. Obviously there are 3 sides - yes, standards are always a good...
 Maybe the broad BCM should include a class to qualify auditors. Perhaps the leading certifying organisations could develop (if they have not already) an...
Hi Howard. Comments below. A few questions I'd like to pose to the forum based on what others think about the flurry of Standards being developed. 1 .. Will...
... Not necessarily. If the standard is a good one, then it will improve overall BCP efforts. However, just because something is a standard doesn't make it a...
Having problems with message search?
Online Now 
Send Email
