86
NC State University Risk Assessment and Business Impact Analysis Version 7 Developed by the Department of Business Continuity (515-5201) Page 1 of 86 Date Started: Department/College: Business Unit: Department Head/Dean: Building: Campus Box: Cohort Coordinator: Coordinator Phone: Coordinator Fax: Person(s) Editing this Template: Date Completed: Purpose: Business Unit Mission Statement: Review Date with Department of Business Continuity

Risk Assessment Template NCSU

Embed Size (px)

Citation preview

Page 1: Risk Assessment Template NCSU

NC State University Risk Assessment and Business Impact Analysis Version 7

Developed by the Department of Business Continuity (515-5201) Page 1 of 79

Date Started:

Department/College:

Business Unit:

Department Head/Dean:

Building:

Campus Box:

Cohort Coordinator:

Coordinator Phone:

Coordinator Fax:

Person(s) Editing this Template:

Date Completed:

Purpose:The purpose of this questionnaire is to solicit information concerning the exposure and impacts that will result if your Functional Business Unit experiences a significant outage. This information will be combined with that provided from other functional business units to assess the overall financial exposures and operational impacts should a disruption in business activities occurs at NC State University. The financial and operational impact information will be used to determine each unit's maximum tolerable downtime, which will be considered when determining

Business Unit Mission Statement:Review Date with Department of Business Continuity

A2
Enter the date you actually began updating the series of worksheets
A4
Enter the name of your business unit
A5
Enter the name of your Department’s Department Head or Dean
A6
Enter the building name of the person submitting the worksheet
A7
Enter the campus box of the person submitting the worksheet
A8
Enter the name of the person who is responsible for Business Continuity Planning in your business unit
A9
Enter the office telephone number of the Cohort Coordinator
A10
Enter the fax number of the Cohort Coordinator
A11
Enter all the names of personnel who contributed to information provided in these series of Risk Assessment Worksheet
A12
Enter the mission statement of your business unit
Page 2: Risk Assessment Template NCSU

NC State University Business Unit Assessment Version 7

Developed by the Department of Business Continuity (515-5201) Page 2 of 79

Assessment Yes/No/NA/Unk ExplainBUSINESS CONTINUITY PLANS

1 Your department has a business continuity plan.2

3

4

5

6

7 Call Trees are updated quarterly.8

9

10

11

VITAL RECORDS (Critical Files, Manuals, Student or Research Records, Data)12

13 All critical records have been identified.14 All critical records stored on-site are inventoried.15 Historical records have been inventoried and stored off-site.

16 All irreplaceable records have been identified.17

18 Critical operating documentation are stored off site.

Accountability for business continuity and disaster recovery is assigned in your department.Critical business processes and functions are identified and prioritized.Business continuity procedures and plans are documented for all critical business processes and functions.

Departmental roles and responsibilities for recovery are documented.A central repository is used to store business continuity plans.

Copies of reciprocal agreements, or service bureau or hot/cold site are kept at an off-site location.Are critical vendor lists and emergency telephone contact numbers maintained?Your customers are aware of your alternative process and capabilities during an interruption of normal business operations.

Your suppliers are aware of what must be done in terms of alternative methods during an interruption of normal business operations.

A retention period has been established for all critical records.

All critical computer files are stored off site on a regular basis.

B1
The purpose of this worksheet is to assess where your vulnerabilities are in your department. Your answers to the questions or statements will help us identify gaps and vulnerabilities and suggest controls or strategies to implement in your business unit to reduce risks. For each category, answer Yes, No, Not applicable, or Unknown. In the Explanation column, feel free to elaborate on your answer.
B2
Business continuity plans offer advance arrangements for planning how your business unit can continue to provide a critical function in the event of a business interruption. These questions or statements will help identify gaps in your planning process concerning business continuity plans.
B14
Some type of vital record usually supports critical functions whether they are student records, research documentation, electronic data, cds, or manuals. These questions or statements will help identify gaps in your planning process concerning vital records.
Page 3: Risk Assessment Template NCSU

NC State University Business Unit Assessment Version 7

Developed by the Department of Business Continuity (515-5201) Page 3 of 79

Assessment Yes/No/NA/Unk ExplainTRAINING AND TESTING

19

20

21

PHYSICAL SECURITY25

26

27

28 Restricted areas are controlled and supervised.29

30

ENVIRONMENTAL CONTROLS31 Critical equipment is located above water grade.32

33

34 Adequate water leak controls35

36 Equipment located away from sprinkler heads37 Inoperable Windows38

Regular scheduled training is conducted for key disaster recovery personnel or recovery teams.Business Continuity is discussed during new employee orientation.Business Continuity/Disaster Recovery Plans are tested annually.

Evacuation routes are posted throughout the building with easy visibility.Building entrances utilize security devices requiring keys, pass-codes or magnetic badges.Security policies/guidelines/procedures are published for employee access.

Vendor personnel are required to show positive identification.Keys and badges and/or change codes are requested from terminated employees.

Adequate water drainage (under raised floor, on floors above, in adjacent areas)Water detection devices located under raised floor (equipment room)

Employees are informed of procedure to report water leak or location of water pipe shut-off valves.

Covers for equipment in case of sprinkler release available and located near equipment

B1
The purpose of this worksheet is to assess where your vulnerabilities are in your department. Your answers to the questions or statements will help us identify gaps and vulnerabilities and suggest controls or strategies to implement in your business unit to reduce risks. For each category, answer Yes, No, Not applicable, or Unknown. In the Explanation column, feel free to elaborate on your answer.
B22
During a business interruption, critical staff will support the recovery of critical functions. It is important that staff is trained in advance and know what their specific tasks are. In addition, a plan that is never tested is not validated. These questions or statements will help identify gaps in your planning process concerning training of staff and testing your business continuity plans.
B26
Implementing physical security controls help reduce threats such as theft and harm. These questions or statements will help identify gaps in your planning process concerning physical security.
B33
Some critical functions are dependent on environmental controls. These questions or statements will help identify gaps in your planning process concerning environmental controls.
Page 4: Risk Assessment Template NCSU

NC State University Business Unit Assessment Version 7

Developed by the Department of Business Continuity (515-5201) Page 4 of 79

Assessment Yes/No/NA/Unk ExplainPERSONNEL CONSIDERATIONS

39

40 Controls established for terminating/transferring employees

41

42 A list of critical personnel and job functions are documented.

INSURANCE46

RESEARCH, PLANT, OR LABORATORY CONSIDERATIONS47

48

49 Adequate ventilation controls are in place.50

51

52 Select agents are secured.53 Refrigerators in labs are secured.54 Unauthorized individuals are restricted from access to labs.

55

56

Adequate number of personnel to perform critical job functions

Alternate personnel have been identified to perform critical functions.

Your departments Business Continuity Plan reflects the Insurance Contact person for your department.

There is adequate storage for hazardous materials and chemicals.Safety plans are in place for all areas where hazardous materials are used and hazardous processes are conducted.

Provisions have been made for storage of materials requiring refrigeration.Research projects that are contingent on electricity are documented.

Lab check-out procedures are followed when staff are no longer assigned to a particular lab.Campus IDs are required to be worn in labs by all staff, faculty, and students.

B1
The purpose of this worksheet is to assess where your vulnerabilities are in your department. Your answers to the questions or statements will help us identify gaps and vulnerabilities and suggest controls or strategies to implement in your business unit to reduce risks. For each category, answer Yes, No, Not applicable, or Unknown. In the Explanation column, feel free to elaborate on your answer.
B42
Personnel support critical functions. These questions or statements will help identify gaps concerning personnel that support critical functions.
B47
Insurance is an effective risk mitigation strategy. These questions or statements will help identify if your business unit could benefit from insurance.
B49
If any critical functions in your areas deal with research, a plant, or laboratory, these questions or statements are things you should consider for business continuity.
Page 5: Risk Assessment Template NCSU

NC State University Business Unit Assessment Version 7

Developed by the Department of Business Continuity (515-5201) Page 5 of 79

Assessment Yes/No/NA/Unk Explain57

58

59

60

61

SPACE PLANNING62

63

64

65

66 Special equipment needs for space has been identified.67

68

69

70

71 Departmental space contacts are documented.72 Floor plans are current, available, and kept off site.

Lab Supervisors are aware of Laboratory Security and Safety Guidelines.The Supervisor Safety Inspection Checklist is completed annually.Procedures are in place for management of materials left behind by Professors.Functions are documented which are performed by critical faculty/staff.Procedures are in place for transitioning responsibilities to new faculty/staff.

Interim/alternate space has been identified (office, classroom, laboratory, etc.) to carry out critical departmental functions?

Critical employees that will require interim office space has been identified.Critical employees that could use open office space (cubicles) has been identified.Critical employees that could work from home have been identified.

Functions in your department that must remain co-located have been identified.Functions in your department that must remain on campus and which could temporarily be housed off campus have been identified.

For Research Lab Space, equipment that should be provided to stabilize or preserve research activities, samples and material in the interim until fully functional space can be provided (freezers, environmental or isolation chambers, fume hoods, etc) has been identified.

For Research Lab Space, the number of research faculty/staff that could share lab space with other researchers doing similar work on an interim basis has been identified.

B1
The purpose of this worksheet is to assess where your vulnerabilities are in your department. Your answers to the questions or statements will help us identify gaps and vulnerabilities and suggest controls or strategies to implement in your business unit to reduce risks. For each category, answer Yes, No, Not applicable, or Unknown. In the Explanation column, feel free to elaborate on your answer.
B65
It is not the responsibility of the business unit to locate a facility if it became inaccessible. That is the responsibility of the University Architect’s office. However, the University Architect office will need for the business unit to provide space requirements. These questions or statements will help identify your space needs.
Page 6: Risk Assessment Template NCSU

NC State University Business Unit Assessment Version 7

Developed by the Department of Business Continuity (515-5201) Page 6 of 79

Assessment Yes/No/NA/Unk Explain

73

74

77

78

79

SOFTWARE CONSIDERATIONS80

81

82

83

84 Departmental software documentation is secured.85

86 Departmental databases are backed up. Explain how often.

WORKING FROM HOME (Critical staff must have their own ISP)Have critical staff ever accessed any campus application remotely?Do critical staff have the need to access any campus applications remotely?If your department is an NCS Customer and critical staff may need to access their network home directory (H drive), do these critical staff have Netdrive installed on their home PC?

Does critical staff have the most recent virus protection files on the staffs home pc and service packs?Have critical staff tested dialing In successfully within the past month (do they know their passwords or have they expired?)

Departmental software is upgraded as needed to ensure business functions can be performed.Critical departmental software is backed up and the back-ups are stored off site.Software upgrades planned to minimize employee disruption and job function disruption.Master and backup copies of departmental software is secured.

Anti-virus software is installed and continuously enabled on all departmental computers, laptops, networks.

B1
The purpose of this worksheet is to assess where your vulnerabilities are in your department. Your answers to the questions or statements will help us identify gaps and vulnerabilities and suggest controls or strategies to implement in your business unit to reduce risks. For each category, answer Yes, No, Not applicable, or Unknown. In the Explanation column, feel free to elaborate on your answer.
B77
Some critical staff job functions require them to access University applications from home. To access these applications, certain infrastructure must be installed on the home pcs of those staff. These questions or statements will help identify if those staff have those requirements.
B83
Contingency plans for University applications are developed by ACS, NCS, ITD, and EIS. However, departmental software is the responsibility of the business unit. Applications or databases that are internally supported need contingency plans if they support critical functions. These questions or statements will help assess software contingency considerations.
Page 7: Risk Assessment Template NCSU

NC State University Business Unit Assessment Version 7

Developed by the Department of Business Continuity (515-5201) Page 7 of 79

Assessment Yes/No/NA/Unk ExplainHARDWARE CONSIDERATIONS

87 Computers that are in open areas are secured.88

89

90

91

92

93

94 Check out procedures are used for computers on loan.95 Computers are sanitized before surplused.

OFF-SITE STORAGE (Alternate storage location of vital records external to your facility)96 An Off-Site Storage location has been identified and utilized.

97

98

99

OUTSOURCING USING A THIRD PARTY VENDOR100

101

102

Departmental computer drive keys are not left in the machines, but are properly secured.Departmental server recovery documentation is stored off-siteDepartmental CPUs are locked so that the cover cannot be removed and internal boards removed.Data storage media (tapes, disks, CD-ROM) are properly secured.An inventory (including serial and University equipment tag#) of departmental computers, laptops and other portable components is maintained.

Non-removable labels are attached to: computers, laptop, laptop’s case.

The facility is located at a sufficient distance from your office such that a disaster would not impact both locations similarly.

Your adminstrative and other records are either backed up through CASS facilities which have this daily off campus file storage or are otherwise backed up daily both on and off campus.

The facility is accessible within a reasonable period of time such that the records can be obtained quickly.

Your department has verified that your service providers have disaster recovery plans.Results of the service provider’s DR Test have been verified and the recovery time objectives are satisfactory.The recovery priority is known by your department in relationship to other service provider customers.

B1
The purpose of this worksheet is to assess where your vulnerabilities are in your department. Your answers to the questions or statements will help us identify gaps and vulnerabilities and suggest controls or strategies to implement in your business unit to reduce risks. For each category, answer Yes, No, Not applicable, or Unknown. In the Explanation column, feel free to elaborate on your answer.
B101
Off-site storage sites are used as a back up for critical files and electronic data. These questions or statements will help assess the potential need for off-site storage.
B106
If your business unit uses a third party vendor to support a critical job function, it is important to know what their contingency strategy is if their services ever became unavailable. These questions or statements will help assess if your department has verified the contingency strategy of third party providers.
Page 8: Risk Assessment Template NCSU

Risk Assessment 04/08/2023

Developed the NC State University Department of Business Continuity and Disaster Recovery

University Risks Weight Factor

Air Conditioning Failure 0

0

0

0

Bombing 0Cancellations of Events 0

0

0

Contract Violations 0Cooling Plant Failure 0Corruption of database 0Data Center Disruption 0

0

Decrease in enrollment 0Departmental Server failure 0

Embezzlement 0Epidemic 0Equipment Failure 0External Fire - Major 0

Risks may be a result of a threat. The below risks may be a result of the following threats: Natural Threats (Hurricane, Snow Storm, Tornado,), Loss of Key Staff, Technology Disruptions, Temporary or Long term loss of facility, or Utility Disruption)

Departmental Risk?

(YES/NO)

Probability(1, 2, 3)

IMPACT during critical time of year

(1, 2, 3)

Weighted Result

(probability x impact x weight

factor)

Anticipated Loss of Key Staff

Back-up tapes of the wrong data

Bad Credit Rating with Service Providers

Computer Equipment/Hardware Failure

Construction incidents or accidents

Declaration fees from Service Provider

B2
Katina Blue: Do you feel this risk is also a risk to your department? If NO, you do not have to answer any of the other columns.
C2
Katina Blue: How frequent has this happened within a 2 year period 1 (low) - hasn't happened 2 (med) - once in 2 years 3 (high) - more than once in 2 years
D2
Katina Blue: 1 (low) - no effect to normal business 2 (med) -minor disruption to normal business 3 (high) - must use an alternative
F2
Katina Blue: The score could be as low as ZERO and as high as Nine!
Page 9: Risk Assessment Template NCSU

Risk Assessment 04/08/2023

Developed the NC State University Department of Business Continuity and Disaster Recovery

University Risks Weight Factor

Risks may be a result of a threat. The below risks may be a result of the following threats: Natural Threats (Hurricane, Snow Storm, Tornado,), Loss of Key Staff, Technology Disruptions, Temporary or Long term loss of facility, or Utility Disruption)

Departmental Risk?

(YES/NO)

Probability(1, 2, 3)

IMPACT during critical time of year

(1, 2, 3)

Weighted Result

(probability x impact x weight

factor)

0

Flooding 0

0

Improper Use of Information 0

0

0

Inability to access website 0Inability to Make Deposits 0Inability to Make Transfers 0Infectious Animal Diseases 0

Internal Fire - Major 0Late Payments 0Law Suits 0Loss of Grant 0Loss of Revenue 0Media Failure (Data Tapes) 0

0

0

Operating System Failure 0

Firewall Corruption/Destruction

Flooding not related to Natural Disasters

Inability to access backup records/data

Inability to access off-site storage area

Negative reporting in Newspaper or Television

Nuclear Reactor Malfunctioning

B2
Katina Blue: Do you feel this risk is also a risk to your department? If NO, you do not have to answer any of the other columns.
C2
Katina Blue: How frequent has this happened within a 2 year period 1 (low) - hasn't happened 2 (med) - once in 2 years 3 (high) - more than once in 2 years
D2
Katina Blue: 1 (low) - no effect to normal business 2 (med) -minor disruption to normal business 3 (high) - must use an alternative
F2
Katina Blue: The score could be as low as ZERO and as high as Nine!
Page 10: Risk Assessment Template NCSU

Risk Assessment 04/08/2023

Developed the NC State University Department of Business Continuity and Disaster Recovery

University Risks Weight Factor

Risks may be a result of a threat. The below risks may be a result of the following threats: Natural Threats (Hurricane, Snow Storm, Tornado,), Loss of Key Staff, Technology Disruptions, Temporary or Long term loss of facility, or Utility Disruption)

Departmental Risk?

(YES/NO)

Probability(1, 2, 3)

IMPACT during critical time of year

(1, 2, 3)

Weighted Result

(probability x impact x weight

factor)

Overdraft Fees 0

0

Radioactive Contamination 0Regulatory Incompliance 0Repayment of Grant Funds 0Robbery 0Sabotage 0

0

0

Software/Application Failure 0

Tainted public image 0Tarnished brand image 0

0

0

Terrorism 0Train Derailment – Freight 0

0

Vandalism 0Virus Attacks 0Water leaks 0

Premium charges for Purchases

Security Breaches (Computer)

Service Provider Business Disruption

Telecommunications Failure - Data Network

Telecommunications Failure - Voice

Unavailability of Campus Transportation

B2
Katina Blue: Do you feel this risk is also a risk to your department? If NO, you do not have to answer any of the other columns.
C2
Katina Blue: How frequent has this happened within a 2 year period 1 (low) - hasn't happened 2 (med) - once in 2 years 3 (high) - more than once in 2 years
D2
Katina Blue: 1 (low) - no effect to normal business 2 (med) -minor disruption to normal business 3 (high) - must use an alternative
F2
Katina Blue: The score could be as low as ZERO and as high as Nine!
Page 11: Risk Assessment Template NCSU

Risk Assessment 04/08/2023

Developed the NC State University Department of Business Continuity and Disaster Recovery

University Risks Weight Factor

Risks may be a result of a threat. The below risks may be a result of the following threats: Natural Threats (Hurricane, Snow Storm, Tornado,), Loss of Key Staff, Technology Disruptions, Temporary or Long term loss of facility, or Utility Disruption)

Departmental Risk?

(YES/NO)

Probability(1, 2, 3)

IMPACT during critical time of year

(1, 2, 3)

Weighted Result

(probability x impact x weight

factor)

Workplace violence 0

B2
Katina Blue: Do you feel this risk is also a risk to your department? If NO, you do not have to answer any of the other columns.
C2
Katina Blue: How frequent has this happened within a 2 year period 1 (low) - hasn't happened 2 (med) - once in 2 years 3 (high) - more than once in 2 years
D2
Katina Blue: 1 (low) - no effect to normal business 2 (med) -minor disruption to normal business 3 (high) - must use an alternative
F2
Katina Blue: The score could be as low as ZERO and as high as Nine!
Page 12: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 12 of 79

Recovery Priority Time CriticalList your Critical Business Processes

Purpose of Process (e.g. revenue generation, administrative, customer service, support function,

ancillary function, etc)

RTOPower

RTOFacility

A1
Katina Blue: List all processes in your area that must continue in the event of a business disruption.
B1
Describe what the purpose of this process is.
C1
Katina Blue: (If a disruption in normal occurs, what is the priority for this process to be recovered)
Page 13: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 13 of 79

Page 14: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 14 of 79

List your Critical Business Processes RTOVital Records

RTOTelephone

RTOComputing and Network

List critical Software Applications that support this function

A1
Katina Blue: List all processes in your area that must continue in the event of a business disruption.
J1
Katina Blue: Identify all the university or departmental applications that support this critical process.
Page 15: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 15 of 79

Page 16: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 16 of 79

List your Critical Business ProcessesDescribe critical Equipment that

support this function(e.g. Computer hardware, lab equipment)

Describe critical Supplies that support this function

Dependencies: Who is supported by this process?

A1
Katina Blue: List all processes in your area that must continue in the event of a business disruption.
K1
Katina Blue: Identify any departmental hardware or lab equipment that supports this process if applicable. (e.g. Computers, lab instruments)
L1
Katina Blue: Identify any supplies needed to support this process (i.e. lab gloves, specialized forms)
Page 17: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 17 of 79

Page 18: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 18 of 79

List your Critical Business Processes Operational RisksDependencies:Who gives support to this process?

Is this process supported by a Vendor? If so, list the vendor.

A1
Katina Blue: List all processes in your area that must continue in the event of a business disruption.
N1
Katina Blue:
O1
Katina Blue: If this process is supported by a vendor, please list the Vendors name, else say NO
Page 19: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 19 of 79

Page 20: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 20 of 79

List your Critical Business Processes Techonology Risks Legal Risks Financial Risks

A1
Katina Blue: List all processes in your area that must continue in the event of a business disruption.
R1
Katina Blue: Describe the types of Legal Repercussions that could occur if this process was disrupted.
S1
Katina Blue: Describe the types of Financial Repercussions that could occur if this process was disrupted.
Page 21: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 21 of 79

Page 22: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 22 of 79

List your Critical Business Processes Reputational Risks Market/Strategic Risks

A1
Katina Blue: List all processes in your area that must continue in the event of a business disruption.
T1
Katina Blue: Describe the types of Reputation Repercussions that could occur if this process was disrupted.
U1
Katina Blue: Describe the types of Market/Strategic Repercussions that could occur if this process was disrupted.
Page 23: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 23 of 79

Page 24: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 24 of 79

List your Critical Business Processes ALTERNATIVE - FACILITY INACCESSIBLE(Risk Mitigation Strategy)

ALTERNATIVE - Power Outage(Risk Mitigation Strategy)

A1
Katina Blue: List all processes in your area that must continue in the event of a business disruption.
V1
Katina Blue: Describe how alternatively you could perform this process if your Facility Was inaccessible
W1
Katina Blue: Describe how alternatively you could perform this process in the event of a power outage
Page 25: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 25 of 79

Page 26: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 26 of 79

List your Critical Business ProcessesALTERNATIVE - Long Term Loss of Computing

and Networking(Risk Mitigation Strategy)

A1
Katina Blue: List all processes in your area that must continue in the event of a business disruption.
X1
Katina Blue: Describe how alternatively you could perform this process in the event of a disruption of computing and networking capabilities.
Page 27: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 27 of 79

Page 28: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 28 of 79

List your Critical Business Processes

A1
Katina Blue: List all processes in your area that must continue in the event of a business disruption.
Page 29: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 29 of 79

Page 30: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 30 of 79

List your Critical Business Processes

A1
Katina Blue: List all processes in your area that must continue in the event of a business disruption.
Page 31: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 31 of 79

Page 32: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 32 of 79

List your Critical Business Processes

A1
Katina Blue: List all processes in your area that must continue in the event of a business disruption.
Page 33: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 33 of 79

Page 34: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 34 of 79

List your Critical Business Processes

A1
Katina Blue: List all processes in your area that must continue in the event of a business disruption.
Page 35: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 35 of 79

Page 36: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 36 of 79

List your Critical Business Processes

A1
Katina Blue: List all processes in your area that must continue in the event of a business disruption.
Page 37: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 37 of 79

Page 38: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 38 of 79

List your Critical Business Processes

A1
Katina Blue: List all processes in your area that must continue in the event of a business disruption.
Page 39: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 39 of 79

Page 40: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 40 of 79

List your Critical Business Processes

A1
Katina Blue: List all processes in your area that must continue in the event of a business disruption.
Page 41: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 41 of 79

Page 42: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 42 of 79

List your Critical Business Processes

A1
Katina Blue: List all processes in your area that must continue in the event of a business disruption.
Page 43: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 43 of 79

Page 44: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 44 of 79

List your Critical Business Processes

A1
Katina Blue: List all processes in your area that must continue in the event of a business disruption.
Page 45: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 45 of 79

Page 46: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 46 of 79

List your Critical Business Processes

A1
Katina Blue: List all processes in your area that must continue in the event of a business disruption.
Page 47: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 47 of 79

Page 48: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 48 of 79

List your Critical Business Processes

A1
Katina Blue: List all processes in your area that must continue in the event of a business disruption.
Page 49: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 49 of 79

Page 50: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 50 of 79

List your Critical Business Processes

A1
Katina Blue: List all processes in your area that must continue in the event of a business disruption.
Page 51: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 51 of 79

Page 52: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 52 of 79

List your Critical Business Processes

A1
Katina Blue: List all processes in your area that must continue in the event of a business disruption.
Page 53: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 53 of 79

Page 54: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 54 of 79

List your Critical Business Processes

A1
Katina Blue: List all processes in your area that must continue in the event of a business disruption.
Page 55: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 55 of 79

Page 56: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 56 of 79

List your Critical Business Processes

A1
Katina Blue: List all processes in your area that must continue in the event of a business disruption.
Page 57: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 57 of 79

Page 58: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 58 of 79

List your Critical Business Processes

A1
Katina Blue: List all processes in your area that must continue in the event of a business disruption.
Page 59: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 59 of 79

Page 60: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 60 of 79

List your Critical Business Processes

A1
Katina Blue: List all processes in your area that must continue in the event of a business disruption.
Page 61: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 61 of 79

Page 62: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 62 of 79

List your Critical Business Processes

A1
Katina Blue: List all processes in your area that must continue in the event of a business disruption.
Page 63: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 63 of 79

Page 64: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 64 of 79

List your Critical Business Processes

A1
Katina Blue: List all processes in your area that must continue in the event of a business disruption.
Page 65: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 65 of 79

Page 66: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 66 of 79

List your Critical Business Processes

A1
Katina Blue: List all processes in your area that must continue in the event of a business disruption.
Page 67: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 67 of 79

Page 68: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 68 of 79

List your Critical Business Processes

A1
Katina Blue: List all processes in your area that must continue in the event of a business disruption.
Page 69: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 69 of 79

Page 70: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 70 of 79

List your Critical Business Processes

A1
Katina Blue: List all processes in your area that must continue in the event of a business disruption.
Page 71: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 71 of 79

Page 72: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 72 of 79

List your Critical Business Processes

A1
Katina Blue: List all processes in your area that must continue in the event of a business disruption.
Page 73: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 73 of 79

Page 74: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 74 of 79

List your Critical Business Processes

A1
Katina Blue: List all processes in your area that must continue in the event of a business disruption.
Page 75: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 75 of 79

Page 76: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 76 of 79

List your Critical Business Processes

A1
Katina Blue: List all processes in your area that must continue in the event of a business disruption.
Page 77: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 77 of 79

Page 78: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 78 of 79

List your Critical Business Processes

A1
Katina Blue: List all processes in your area that must continue in the event of a business disruption.
Page 79: Risk Assessment Template NCSU

NC State University Critical Processes Version 7

Developed by the Department of Business Continuity (515-5201) Page 79 of 79