The first step in a sensible business continuity process is to consider the potential impacts of each type of disaster or event. This is critical - how can you properly plan for a disaster if you have little idea of the likely impacts on your business/organization of the different scenarios?

Having determined the impacts, it is now equally important to consider the magnitude of the risks which could result in these impacts. Again, this is a critical activity - it will determine which scenarios are most likely to occur and which should attract most attention during the planning process.

Fortunately, a method has emerged to simplify these tasks. The COBRA methodology and tool was launched in the early nineties, and has since evolved into a fully comprehensive solution for all these needs.

The web sites below provide significant detail on the use of COBRA for both BIA and risk analysis: 

This site provides a theoretical introduction to the topic of risk analysis itself and introduces the COBRA method in this context

This site explains the advantages of using the COBRA approach in relation to older methodologies

***   To evaluate or trial the COBRA product visit the COBRA download page. *** 

Send mail to support@securityauditor.net with questions or comments about this web site.
Copyright © 2001 Matrix0
See Also:  BS7799,  ISO 17799,  Business Continuity, ITIL, and HIPAA