Business and IT Impact Analysis 
QuestionnaireSecurity Manual Template

Business and IT Impact Analysis

ISO 27001, ISO 27002, HIPAA, and
Sarbanes Oxley Compliant

This Business and IT Impact Analysis Questionnaire has been designed by one of Industry's most experienced application assessment consultants.  This Questionnaire has been used in over 500 assessment, DRP and business impact projects in the past four years.  Included is a Risk Ranking definition.  The Word version of the questionnaire is automated with check boxes that can be updated in Word.

The Questionnaire (Form) is a 23 pages in length and contains the following:

  • Facilities / Business Function / Application
  • Sarbanes-Oxley Compliance
  • ISO 27001 and ISO 27002 compliant
  • HIPAA Compliance
  • System of Internal Controls
  • User Environment
  • Processing Environment
  • Historical Information
  • Operating Environment
  • Criticality of Application
  • Database / File Name
  • Documentation
  • Security
  • Application Support and Maintenance
  • Resource Usage
  • Hardware Requirements by Department
  •  Backups

Order BIA Questionnaire Download BIA Questionnaire Sample 

Security Management Job Description Bundle


Modern organizations have a huge challenge on their hands, on a scale unlike anything they have seen. They must “secure” the organization in the face of increasing complexity, Security Management Job Descriptionsuncertainty, and interconnection brought about by an unprecedented reliance on technology to accomplish their mission. They must also stay mindful of the regulations as legislators discover the importance of security.  Some of the challenges that organizations must overcome to be successful in this environment are based on the roles that individuals within the enterprise play. 

These job descriptions defines ways in which a change in responsibilities are the impetus for an emerging mission-driven approach to security.

  • Chief Security Officer (CSO)
  • Chief Compliance Officer (CCO)
  • VP Strategy and Architecture
  • Director e-Commerce
  • Database Administrator
  • Data Security Administrator
  • Manager Data Security
  • Manager Facilities and Equipment
  • Manager Network and Computing Services
  • Manager Network Services
  • Manager Training and Documentation
  • Manager Voice and Data Communication
  • Manager Wireless Systems
  • Network Security Analyst
  • System Administrator - Unix
  • System Administrator - Windows