Date of BIA:
Functional Owner: Infosys,Mr Girish Vaidya Senior vice president and Head Business unit
Reports to: Nandan Nilekani MD and COO of Infosys
Location: Bengaluru
BAU* Operational Head Co173051
BAU* Support Head
26778
Count:
*BAU is defined as Business As Usual
ity Management
anagement
nd solution comprising > Fast
T services
very and rapid implementation
ble Systems (Finnacle)
1 Insignificant
HSEQ (Health, Safety, Environment and Quali
Reputation
Legal and Compliance
Financial
Infrastructure
Reputation
Legal and Compliance
Financial
Infrastructure
3 Moderate
HSEQ (Health, Safety, Environment and Quali
Reputation
Legal and Compliance
Financial
Infrastructure
Reputation
Legal and Compliance
Financial
Infrastructure
5 Major
HSEQ (Health, Safety, Environment and Quali
Reputation
Legal and Compliance
MANAGEMENT
Imapct
IMPACT
Revenue decrease < R5m, Cost Increase < R5m
Insignificant impact on operations
Medical Incident, Short term local impact extending only as far as the activity,
Temporary impairment, full recovery is probable
Insignificant Local complaints, Minor disruptions to relations
Low level legal case
Revenue decrease R5m - 10m, Cost increase R5 million - R10 million
Performance below goal but within acceptable limits
Slight injury/First Aid, Medium term (5-15yrs) impact limited to the site and its
immediate surroundings, Permanent mild impairment which causes mild
restriction on daily functioning
Minor local public attention, Breakdown in relations at local govt. level and local
clients and suppliers
Minor legal issue
Revenue decrease 10m -20m, Cost increase R10 million - R20 million
Performance below goal. Moderate changes to infrastructure required.
Lost-time injury, long term regional impact, impact will cease after the
operational life of the activity, Permanent and moderate impairment which
causes significant restriction on daily functioning
Local impact- significant local public concern, Breakdown in relations with key
people at decision making level in State Government, Clients and Suppliers
Serious breach of the law. Moderate penalties
Revenue decrease 20m -50m, Cost increase R20 R50 miliion
Performance unacceptable- major changes required
Major injury or permanent disability, Permanent national environmental impact,
Permanent severe impairment resulting in death within 1-2 years
Regional impact- regional public concern, Breakdown in relations with National
Agencies, heads of critical clients and suppliers
Major breach of the law. Considerable penalties
Revenue decrease > 50m, Cost increase >R50 million
Unacceptable Performance - No alternative exists
A fatality, Event results in Legal action/ affect stakeholder relationships.
Permanent duration/ direct impact on human health. Felt across international
borders, Acute terminal illness with rapid progression to death
National /International impact-national/ international public concern, Breakdown
in relations with national government Ministery /National Departments
Very considerable penalties and prosecutions. Multiple law suits and jail terms
BIAL Business Continuity Management
Functional Breakdown: Testing Unit
Headcount(C
Important Time of Comments (regarding
Function Process ritical Short Description Important Days of Month Process Type Manual Workarounds description
Day Days & Time)
Personnel)
Planning and Control 10% i. To determine the scope and risks and identify the Initial 4 Days of the project Working hours Since its the initial days of Manual Since the feasibilty of the clients
(Managers) objectives of testing. the project, so here time is requirement is checked here hence it is
ii. To determine the test approach. spent on understanding the done by the managers manually
iii. To implement the test policy and/or the test strategy. functional document of the
client project requirements
Analysis and Design 20% (Team i. To review the test basis. 4th to 13th Days of the month Working hours After undertsandiwng the Partially Automated After understanding the feasibility, test
Leads) ii. To identify test conditions. clients requirement senior conditions can be either manually
iii. To design the tests. team starts working on test written or can be automated by the help
iv. To evaluate testability of the requirements and system. conditions and test cases of a software
v. To design the test environment set-up and identify and simultaneously to the
required infrastructure and tools. development of the code Manual
Implementation and Execution 60% (Software i. To develop and prioritize our test cases by using 14th Day to 22nd Days of the Working hours After the development of test Partially Automated Here execution can be either done
Engineers) techniques and create test data for those tests. month cases, execution starts and manually or it can also be automated
ii. To create test suites from the test cases for efficient test workaround for test case using a software like QTP(Quick Test
execution. failures is implemented and Professional)
iii. To execute test suites and individual test cases tested again for proper
TESTING following the test procedures. functionality of the software
iv. To re-execute the tests that previously failed in order to
confirm a fix.
Partially Automated
Evaluating exit criteria and Reporting 60% (Software i. To check the test logs against the exit criteria specified 23rd day to 26th Days of the Working hours After the execution of test Manual We need to check it manually whether
Engineers) in test planning. month cases it is checked whether the test execution is done properly as
ii. To assess if more test are needed or if the exit criteria the execution has met the per the exit criteria by the TL(Team
specified should be changed. exit criteria as per the client Lead)
iii. To write a test summary report for stakeholders. requireent Automated
Test Closure activities 20% (Team i. To check which planned deliverables are actually 27th to 30th Days of the month Working hours Senior team finally decides Manual Managers are involved here to manually
Leads) delivered and to ensure that all incident reports have been whether the software can be verify whether all the clients
resolved. delivered successfully to the requirements are properly tested or not
ii. To finalize and archive testware such as scripts, test clients as per the exit criteria so that they can proceed for User
environments, etc. for later reuse. after successful completion Accepance Testing
iii. To handover the testware to the maintenance of User Accepamce Testing
organization. They will give support to the software.
iv To evaluate how the testing went and learn lessons for
future releases and projects.
BIAL Business Continuity Management
Impact Analysis: Testing Unit
Finance
Network Infrastructure
HSEQ (Health, Safety,
Environment and Quality)
Planning and Control Reputation
Legal and Compliance
Highest Impact 1 1 2
Process RTO Up to 1 Week
Finance
Network Infrastructure
HSEQ (Health, Safety,
Environment and Quality)
Analysis and Design Reputation
Legal and Compliance
Highest Impact 1 1 1
Process RTO More than 1 Mon
Finance
Network Infrastructure
HSEQ (Health, Safety,
Implementation and Environment and Quality)
Execution Reputation
Legal and Compliance
Highest Impact 1 1 1
Process RTO 2-4 Weeks
Finance
Infrastructure
HSEQ (Health, Safety,
Evaluating exit criteria Environment and Quality)
and Reporting Reputation
Legal and Compliance
Evaluating exit criteria
and Reporting
Highest Impact 1 1 1
Process RTO 2-4 Weeks
Finance
Infrastructure
HSEQ (Health, Safety,
Environment and Quality)
Test Closure activities Reputation
Legal and Compliance
Highest Impact 1 1 1
Process RTO 2-4 Weeks
h
More
Up to 3 Up to 1
2-4 Weeks than 1 Rationale and Comments
Days Week
Month
i. To determine the scope and risks and identify the objectives of testing.
ii. To determine the test approach.
iii. To implement the test policy and/or the test strategy.
i. To check the test logs against the exit criteria specified in test
planning.
ii. To assess if more test are needed or if the exit criteria specified
should be changed.
iii. To write a test summary report for stakeholders.
RTO
More
8 - 24 Up to 3 Up to 1 2-4
4-8 Hours than 1
Hours Days Week Weeks
Month
x Up to 1 Week
x 2-4 Weeks
x 2-4 Weeks
x 2-4 Weeks
0 0 0 1 4 7
Up to 1 Week Up to 1 Week
0 - 4 Hours
4-8 Hours
8 - 24 Hours
Up to 3 Days
Up to 1 Week
2-4 Weeks
Mainframe
Quality centre
People Soft
Tableua
*The Recovery Time Objective (RTO) for each system refers to the first point at which a process requires access
timeframe for each critical system is defined by the shortest RTO for the processes it supports.
** The Recovery Point Objective (RPO) for each system refers to the maximum data loss that is tolerable to the
*** The Minimum Tolerable Period of Disruption (MTPoD) refers to what time the organisation can be
disrupted without treat to be out of business all together
Both RTO, RPO and MTPod are selected from the following list
0 - 4 Hours
4 - 8 Hours
8 - 24 Hours
Up to 3 Days
Up to 1 Week
2 - 4 Weeks
More than 1 Month
N/A
Planning and Control
Analysis and Design
Implementation and
Evaluating exit criter
Test Closure activities
0
0
0
0
0
0
0
All processes
BIAL Business Continuity Management
Critical Systems: Testing Unit
Objective (RPO) for each system refers to the maximum data loss that is tolerable to the process.
rable Period of Disruption (MTPoD) refers to what time the organisation can be
t to be out of business all together
1
2
3
4
5
9
10
11
12
13
14
15
17
Platform (e.g.
Package or
RPO** MTPod*** Server/Deskto Comments
Bespoke?
p)
A large high-speed
computer, especially one
0 - 4 Hours Up to 1 Week Package Desktop supporting numerous
workstations or
peripherals.
PeopleSoft is an integrated
software package that
provides a wide variety of
0 - 4 Hours Up to 1 Week Bespoke Desktop business applications to
assist in the day-to-day
execution and operation of
business processes.
Tableaucanhelpanyonesee
andunderstandtheirdata.
Connecttoalmostany
0 - 4 Hours Up to 1 Week Bespoke Desktop
database,draganddropto
createvisualizations,and
sharewithaclick.
system. The RTO
ss.
BIAL Business Continuity Management
Critical Assets: Testing Unit
Back-up
Ref Asset Quantity Location
available?
Services No
Up to Up to
System 0-4 4-8 8 - 24
Vital Records 3 1
dependancy Hours Hours Hours
Days Week
Test condition/scenarios
Y
document
Y
N
Lowest RTO:
Upto1Week
More
2-4
than 1 Alternate Source Media Type
Weeks
Month
None Software
None Software
None Software
None Software
None Software
Comments
0 - 4 Hours
Data Card
Laptop
ERP
SAP
MTN Corp- APN
Testing Softwares
Communication equipment
Up to 3 Days
Up to 1 Week
More
than 1 Comments
Month 2-4 Weeks
To communicate
More than 1 Month
To communicate using internet , and quick
transfer of data
an 1 Month
BIAL Business Continuity Management
Dependencies: Testing Unit
Dear: Infosys,Mr Girish Vaidya Senior vice president and Head Business unit i
1 Introduction
A Business Impact Analysis (BIA) has been conducted for in order to customise the business continuity plan according to the needs of
based on the following worst case scenario:
- This document is a summary of the BIA meeting you had with the BCM Project Team on
Please note that the BIA information in this document is a statement of recovery requirements not a statement of recovery capability. F
sign-off of the BIA, key risks will be identified that impact the critical processes and gaps or areas of improvement will be identified to e
and capability is in alignment with the risk of the company.
This document summarises the recovery requirements, in terms of recovery time objectives, workspace, systems, vital records and ass
recovery of your teams or functions critical processes.
Function description
As part of the BIA performed the following critical processes have been identified as part of your function:
RTO
# Process name
0-4 Hours
4-8 Hours
i. To determine the scope and risks and identify the objectives of testing.
01 ii. To determine the test approach.
iii. To implement the test policy and/or the test strategy.
The following systems have been identified that support the delivery of critical processes by this team or function. Please confirm these
additions and / or deletions.
Critical Process(es)
Package vs.
System Platform supported by the RTO* RPO**
Bespoke
system
*The Recovery Time Objective (RTO) for each system refers to the first point at which a process requires access to the system. The RTO
is defined by the shortest RTO for the processes it supports.
** The Recovery Point Objective (RPO) for each system refers to the maximum data loss that is tolerable to the process.
*** The Minimum Tolerable Period of Disruption (MTPoD) refers to what time the organisation can be disrupted without threat to be out
Critical assets
The following assets have been identified as critical to your team or function.
Backup
Quanitit Locatio
Asset availabl Comments
y n
e?
Application software,System
Computing services that the
computers, servers, desktop
has outsourced.
notebook
Databases:computers.Commu
Information abou
equipment: Modems, routers
customers, personnel, produ
marketing, finances.
Up to More
0-4 4-8 8 - 24 Up to 2-4
Workspace 1 than 1
Hours Hours Hours 3 Days Weeks
Week Month
Data Card
Laptop
ERP
SAP
MTN Corp- APN
Testing Softwares
Up to More
0-4 4-8 8 - 24 Up to 2-4
Equipment 1 than 1
Hours Hours Hours 3 Days Weeks
Week Month
The following staff have been identified as critical as part of your recovery requirements.
The following vital records have been identified as part of your recovery requirements.
Up to
System 0-4 4-8 8 - 24 Up to 2-4
Vital Records 1
dependancy Hours Hours Hours 3 Days Weeks
Week
Client Requirement document Y
Functional testing requirement
Y
document
Test condition/scenarios
Y
document
Defect report document Y
Dependency summary
The following internal and external dependants within your function have been identified.
3 BIA Sign-of
If the BIA information for your functional area is accurate, please sign off the section below.
Name
Signature Date
Business Impact Analysis Sign-of
plan according to the needs of the . The BIA has been conducted
Location
ction is involved.
RTO
Up to More
8 - 24 Up to 2-4
1 than 1
Hours 3 Days Weeks
Week Month
arounds description
MTPod
Comments
***
s access to the system. The RTO timeframe for each critical system
e to the process.
rupted without threat to be out of business all together
Comments
Comments
Comments
To communicate
ments
be capable of understanding client
ments and business impact interms of
ty and cost /benefits
More
Alternate
than 1 Media Type
Source
Month
None Software
None Software
None Software
None Software
Comments
Code development as per the client
requirement
They will be responsible for the smooth
functioning of the testing project
Err:509
Err:509
Err:509
Err:509
Err:509
Comments
They will test the software as per cleint
requiremtns
For execution of test scenarios/ test cases
eg: Mainframe, QTP,Quality centre