The BIA was invented for the wrong reason…a self-serving reason. And unfortunately, that heritage has survived until today and still thrives.
In the earliest days of the Disaster Recovery industry, sooner or later, the commercial hotsite providers were asked the same question by every prospective client. “How can we recovery our systems in your hotsite…it is so much smaller than our environment”. Clearly a credible answer was needed. That answer was “because you will obviously not recover everything…only your most critical systems”. The very next question was predictable. “How do we define what is critical?”
Hence the BIA was born as the prescribed way to identify the critical system subset so that the commercial hotsites of the day were “big enough to meet the need”.
30+ years later. BIAs are still being used to define the smallest IT recovery footprint in a mistaken effort to minimize Disaster Recovery costs and complexity. Unfortunately, the smallest DR footprint results in the largest Business Continuity overhead and needlessly complicates the total continuity equation.
Instead of seeking the smallest footprint, a good BIA (assuming there is such a thing) should identify the optimal footprint, which in turn will support the simplest and most efficient BC capability.
It’s time to dump the traditional BIA!