Impacts

What are Impacts?

A key requirement of the ISO 22301 Standard within the Operation phase is to determine a level of criticality for each of the activities that an organisation performs. Abriska assesses activity criticality by stating what the impact to the organisation would be over time, following an incident. To ensure that all impacts are covered for each activity, all of the different impacts should be entered into the tool. These impacts have a scale that is pre-defined at the organisation level, thereby ensuring that a consistent model is applied to the perceived impact. Finally, a threshold should be set for a specific impact allowing an impact level to be designated as too high for the organisation to accept.

Each organisation can have a number of impact types and, below these, a number of specific impacts. Impact types allow multiple impacts to be grouped together and could have a similar scale or threshold. A possible impact type could be ‘Financial’ or ‘Operational’. Impacts are specific to the organisation and allow the required level of granularity to be achieved. To view the impacts, click ‘Impacts’ on the BIA Setup screen.

All impacts need to have the same number of levels. This number of levels will be set up during the installation of Abriska.

Managing Impact Types

Creating a New Impact Type

New impact types can be created by clicking on the ‘New Impact Type’ button. ~~(highlighted red in Figure 1 - Impact List) this~~This will then display the ‘Impact Type’ form ~~(shown in Figure 2 - Add, Amend or Delete Impact Type). This~~which allows the name of ~~the~~a new impact type to be specified and whether the impact type is ‘Quantitative’ or ‘Qualitative’. After submitting the form, default names will be added for each of the levels, but the level description will remain blank. Each impact level should have a description, and be colour coded, before continuing. To modify the level, click on the ‘Impact ~~Name’ (highlighted red in Figure 2 - Add, Amend or Delete Impact Type),~~Name’, update the details and ‘Submit’.

Deleting an Impact Type

Impact types can only be deleted when no impacts exist which are associated with it. To delete an impact type, navigate to the specified impact type and click ‘Delete Impact Type’ ~~(highlighted~~from ~~blue~~sidebar.

~~in Figure 2 - Add, Amend or Delete Impact Type).~~ Warning: As this can only be deleted when no linked information exists, this is a firm ~~delete.~~delete.

Creating a New Impact

Impacts are created as sub-sections of ‘Impact Types’. Therefore, the impact type must exist before an impact can be created. To create a new impact click on the ‘New Impact’ ~~button~~button. ~~(highlighted blue in Figure 1 - Impact List).~~ This will provide the opportunity to add the impact name, a description and also specify the impact type. ~~After submitting this form, the form shown in Figure 3 - Customised Impact Scales will be shown. Note:~~

If a new impact is created after the BIA has begun, all activities will need to specify a response to that impact. ~~This~~ is(see ~~covered~~Impact inOver ~~Section 2.3.6 Identify impact over time~~Time and ~~MTPD.~~MTPD)

Impact Scales

When impacts are initially created, they inherit their impact levels from the impact ~~type (indicated with a cross in Figure 3 - Customised Impact Scales).~~type. To give additional granularity for a specific impact, the individual scale can be modified. To do this, click on the ‘Impact Scale Name’ to be customised and the ‘Impact Unit’ form ~~(shown in Figure 4 - Modify Impact Unit)~~ will be displayed.