Business and IT Impact Analysis Questionnaire
ISO 27001, ISO 27002, HIPAA, and Sarbanes Oxley Compliant

Version History
Version 3.3 February 2008
Version 3.3 February 2007
- Updated to meet ISO 17799 compliance standard
- Application / File Servers form was added
- Operating Environment was moved forward in the forms
- Criticality of Application was moved forward in the forms
This Business and IT Impact Analysis Questionnaire has been designed by one
of the industry's most experienced application assessment consultants.
This Questionnaire has been used in over 500 assessment, DRP and
business impact projects in the past four years. Included is a
Risk Ranking definition. The Word version of the questionnaire is
automated with check boxes that can be updated in Word.
The Questionnaire (Form) is 23 pages in length and contains
the following:
- Facilities / Business Function / Application
- Sarbanes-Oxley Compliance
- ISO 27001 and ISO 27002 compliant
- HIPAA Compliance
- System of Internal Controls
- User Environment
- Processing Environment
- Historical Information
- Operating Environment
- Criticality of Application
- Database / File Name
- Documentation
- Security
- Application Support and Maintenance
- Resource Usage
- Hardware Requirements by Department
- Backups