Knowledge BaseOperating ModelTemplatesServicesAboutWork With Me
← All Templates
Operational Resilience

Business Impact Analysis (BIA)

Score each process on five impact dimensions, derive a criticality tier, pair it with recovery objectives, and flag where your capability can't meet the objective the criticality demands.

$259one-time · instant download · free updates
Get the Workbook See the Bundle ($1,797)
What you get
  • 6-tab Excel workbook
  • 5-dimension impact → criticality tier
  • MTD / RTO / RPO with recovery-gap flags
  • Auto criticality & recovery-gap dashboard
  • Mapped to ISO 22301, NIST CSF, DORA, FFIEC
  • Instant download · free updates
How it works

Evidence in. Ratings out. Automatically.

Recovery objectives shouldn't be set process-by-process from gut feel. Criticality (impact) determines how fast a process must recover; this BIA makes that linkage explicit, then flags where your current capability can't meet the objective the criticality demands.

INPUT5 ImpactDimensionsPeakCriticalitymaxCriticalityTierTier 1–4RecoveryObjectiveMTD / RTO / RPOGap?vs capability

Every number is a formula over your inputs — not a workshop opinion. Change an input and the ratings move. That's what makes the output defensible.

What's inside

Six tabs from inventory to recovery gaps.

Process Inventory

One row per process: five impact dimensions, criticality tier, MTD / RTO / RPO, and a recovery-gap flag — all calculated.

Scoring Reference

The impact scale, criticality-tier bands, and recovery expectations your team calibrates to.

Dashboard

Auto criticality distribution, recovery-gap list, and processes by department.

Compliance Mapping

How the BIA supports ISO 22301, NIST CSF, DORA, and FFIEC.

Glossary

Every column heading defined, with a Source column.

Start Here

A five-step walkthrough and worked examples.

Built to be evidence

Numbers you can put in front of an auditor

Deterministic, not guessed

Every rating is a transparent formula over your inputs, so it holds up when someone asks "why is this rated this way?"

Traceable to evidence

Ratings trace back to the inputs that produced them — the audit story is built in, not reconstructed after the fact.

Maps to your frameworks

A built-in Compliance Mapping tab cross-walks the BIA to ISO 22301, NIST CSF, DORA, and FFIEC.

Related: Integrating Risk Assessments — a BIA feeds resilience, TPRM, and ERM from one assessment.

FAQ

Before you buy

What format is it?

A single Microsoft Excel workbook (.xlsx). It recalculates on open — no macros, no add-ins, no subscription. Also opens in Google Sheets and LibreOffice.

Is it hard to use?

No. You fill the shaded input cells; the white cells calculate. Dropdowns prevent bad entries, the Start Here tab walks you through it, and it ships with worked examples you delete before use.

Can I use it with clients?

Yes — internally or in client engagements. You can't resell the template itself as a template.

Need it tailored?

If you need it adapted to a specific framework, org size, or regulator, get in touch — customization and advisory are available.

Know what's critical — and whether you can recover it

Criticality, recovery objectives, and the gaps between them, in one workbook.

Get the Workbook — $259 Or get all 7 in the Bundle ($1,797)