The creation of a data asset inventory is an excellent tool for organizations to assess the value represented by the data, to reveal the vulnerabilities and weak points in the data management process and to prepare a business impact analysis.
Business impact analysis (BIA) aims to explore direct and indirect relationships with business functions from the desired perspective in order to identify the potential damages, typically measured against business indicators, in case that the demand generated by business processes are not met. Based on this, the risk posed by shortcomings identified in the IT system can be quantified on the basis of the business impact they have on the organization, thus making it possible to consider defense measures in proportion to risk as well as the prioritization of risks. Due to the fact that specific IT services have different roles in fulfilling the goals of the organization, the failure of resources behind these services, such as servers, network elements etc. affects the core activities differently. The business impact analysis based on data asset assessment is carried out according to international standards and recommendations (ISO/IEC 27001:2013, NIST SP 800-53, KIB recommendations) and domestic legislation (Act L of 2013, decree 41/2015 (VII.15) BM, Act CXII of 2011).