What is the Purpose of Abriska 22301?
Abriska 22301 was designed to support organisations conduct a BIA, which fully complies with the requirements of ISO 22301, the International Business Continuity Management Systems (BCMS) Standard. The purpose of ISO 22301 is to support the full life cycle of a BIA from an understanding of which resources are used for each activity and how many are needed during business as usual (BAU) through the impacts over a given timeline, understanding recovery time objectives (RTOs) right through to creating plans to return to a normal level of operation. A key feature of Abriska is that it replaces multiple spreadsheets with a ‘single source of truth’ database.
Abriska 22301 is designed to cover all bases of the BIA and risk assessment processes and was designed with input from URM’s team of senior BC consultants to ensure compliance with the ISO 22301 Standard.
What Type and Size of Organisation is Abriska 22301 Particularly Suited to?
Abriska 22301 is intended for any organisation looking to adopt an effective BIA and risk assessment tool which provides greater control and a uniform approach to BC. Abriska 22301 can be scaled up to multi-national organisations through its straightforward BIA process that can be conducted against every business-critical activity within the organisation. Due to the structure of the BIA and the process being the same for all organisations, the tool can easily be scaled up where needed by adding more activities.
What are its Key Features?
- Managed workflow for consistent data collection against a uniform approach across the organisation
- The Dependency Graph produced by Abriska 22301 is an interactive way of visualising the relationships between your business areas/divisions, products and services, activities and resources
- By providing the framework for detailed analysis at the BAU stage, you are able to fully capture exactly what each critical process requires and what could potentially disrupt it
- By providing a similar framework for the recovery stage, your organisation can also effectively plan the minimum acceptable requirements for this process
- Impact scales based on each defined business risk type provide an excellent tailored approach to your organisation’s specific risk areas
- RTOs are calculated based on pre-defined setup options to ensure that all activities are treated consistently throughout the organisation.
- You can drill down into activities to view risk levels for each related threat, along with similar views for resources and related activities
Through both the BAU and recovery stages the inter-relationships between your activities, products and services and resources can be fully analysed and understood; this often results in a clearer understanding of gaps between current capability and what is required. This detailed feature ensures that in the event of a business incident all areas will be aware of their interdependence. This information is crucial in the event of a BC incident.
What Are Abriska’s Benefits??
- Proven and trustworth/robust – Abriska 22301 is underpinned by ISO 22301, the International Standard for Business Continuity Management with the sole purpose of supporting the BIA and risk assessment requirements of this Standard
- Cost and time saving – When compared to a manual spreadsheet, Abriska enables organisations to centrally manage and expand their BIA process without having to rely on a plethora of spreadsheets.
- Shared workload – Abriska is a Web-based product which allows for the easy distribution of BIA and risk assessment tasks, whilst retaining centralised control, configuration and reporting.
- Consistent and repeatable – Abriska is ideally suited to meeting one of the absolute fundamental requirements of ISO 22301, i.e. conducting BIAs in a consistent manner across all areas of the organisation.
How Does Abriska 22301 Work?
Abriska adopts a clear 4 step process in completing a BIA:
- Business Impact Analysis (BIA); Understanding the Relationships and Dependencies.
- BIA: Assessing the Impacts Over Time & Recovery Timeframes.
- Risk Assessment: Understand current risks that could cause a business disruption.
- Reporting: Understand activities to determine a suitable strategy to protect business areas.
For more details please download the product sheet below.