making IT better!

Business Impact Analysis (BIA) Based on ISO 22301, ISO/IEC 27005 and BCI

Contact Us!

$850 USD

This course/workshop will teach the participant to correctly prioritize a service provider’s IT services through a Business Impact Analysis (BIA).

The BIA is a technique used by organizations to identify the most critical IT services for the correct performance of the business. A BIA is performed as part of risk management, and helps an organization to identify the negative impacts that business units would have with the loss of one or more IT services.


To learn and understand the following topics for the development of a BIA:

  • BIA importance within an organization and the relationship between BIA and business risk evaluation.
  • Understanding the organization, its key processes and the IT resources which support them.
  • Methodologies and techniques for the BIA design – how to create an effective Business Impact Analysis.
  • Evaluation of the impact on the business if the activities and functions were interrupted.
  • Identification of the minimum level of performance at which an activity can be performed in response to an interruption.
  • Definition of the maximum tolerable time of disruption before the activities must be restored to their normal level.


This course is aimed to:

  • People who need a better understanding of the critical activities of the organization and the adverse impact in case of disruption.
  • People who are in the process of developing a Business Continuity Plan or a Disaster Recovery Plan.
  • People who need to understand and learn how to create a BIA.
  • IT professionals who apply ISO 22301, ISO/IEC 27001:2013 or BCI practices.


There are no mandatory prerequisites; however, it is recommended that the participant holds the Information Security Foundation certificate based on ISO/IEC 27002 or knowledge on ISO 22301, ISO/IEC 27001:2013 and/or BCI.


  • It is structured in thematic units, with a balance between theory and practice.
  • The courseware material includes theory, practical exercises, study cases and complementary content.
  • A certificate of course completion is delivered.
  • The length is 2 days.
  • Has a minimum requirement of 6 and a maximum of 25 participants.


The course has the following topics:

  1. BIA Introduction
  2. Business Understanding
  3. Mission Critical Activities
  4. Recovery Requirements
  5. Risk Appetite and Estimated Loss
  6. Recovery Resources by Business Impact Analysis
  7. Business Impact Analysis Report
  8. Review
  9. Questions Session

Advantages offered by Global Lynx

Our instructors are certified in different Risk Management, Information Security, ISO/IEC and ITSM disciplines and have extensive experience in:

  • The design and implementation of Information Security Management Systems.
  • The design and development of Business Continuity Plans, Disaster Recovery Plans and Business Impact Analysis in public and/or private organizations.
  • The selection, implementation and configuration of tools and controls which support the Business Continuity Management and Information Security.
  • The teaching of several Risk Management, Information Security, Business Continuity, ISO and ITSM training courses in the academic and the professional fields.
The participant receives a high quality student handout.

Payment methods:

  • Check
  • Wire transfer
  • Credit card (via PayPal)

For more information about this training course (schedules, locations, costs, etc.) or any of the other IT training courses we offer, please contact us. We will be happy to assist you!

Contact us

We can be flexible. Contact us to set a date that works for you! Ask for Team Discounts!