Business Impact and Threat Assessment


Pricing starts at $1,200 for in-network credit unions, relative to the size and complexity of operations and IT topology. A custom Statement of Work and proposal will be provided based on a (free) initial consultation.


The Business Impact and Threat Assessment plays a fundamental part in designing an organization’s continuity and recovery strategy and is essential to the development of an effective Business Continuity Program. Executive management who understand the requirements of their business operations are better able to balance risk with the cost of prevention, mitigation, and contingency solutions. The same certified professionals who currently oversee the Business Continuity Program at CU*Answers offer a range of cost-effective solutions to assist your credit union in the planning, development, and implementation of your continuity and recovery plan, beginning with an accurate impact and threat assessment.



In a constantly changing and ever increasing complex business and IT environment, unplanned disruptions can be costly, resulting in financial losses, member dissatisfaction, and regulatory compliance issues. With limited budget resources, it is vital that organizations invest in the technology and controls that will have the greatest impact in ensuring the ability to serve their member base while protecting and preserving sensitive information. The first step toward this goal is to accurately assess the threats that pose a risk of a business disruption and the impact to operations should it occur.

The process begins with a qualitative assessment of threats (natural, man-made, and technical) to determine the likelihood of occurrence and the impact to the credit union and its members. This requires an understanding of the business processes, including the required resources and dependencies, as well as the technology that supports them. By measuring the impact, we can categorize and prioritize critical business functions and establish Recovery Time and Recovery Point Objectives (RTO/RPO) for each. This information is instrumental in developing and implementing the appropriate continuity and recovery strategies and controls.

The certified business continuity professionals at CU*Answers have the knowledge and experience needed to work with your team and take your Business Continuity program from where it is today, to where you need it to be.

The Process

A certified CU*Answers Business Continuity professional will work with you and your team from start to finish to:

  1. Perform a top-down Threat Assessment relative to your business operations, IT topology, and geographic location.
  2. Identify and categorize critical business functions and the impact to operations in the event of a disruption.
  3. Determine estimation of Maximum Allowable Downtime (MAD) for each critical function and Recover Time and Point Objectives (RTO/RPO) for required resources.
  4. Assess current continuity and recovery strategies and recommend options to further mitigate residual risk and improve recovery capabilities.
  5. Document the results of the assessment in a report for presentation to your Board of Directors.

Next Steps

Engagements start at $1,200.00 and are based on the size and complexity of operations and IT topology.

An initial (free) consultation is offered to assess the needs of your existing Business Continuity program and identify an action plan to perform the Business Impact and Threat Assessment. A custom Statement of Work and proposal will be provided for each project.


There are no reviews yet.

Only logged in customers who have purchased this product may leave a review.