Incident Impact Assessment

From GM-RKB

(Redirected from Consequence Assessment)

Jump to navigation Jump to search

An Incident Impact Assessment is an impact evaluation incident analysis outcome that quantifies incident consequences.

AKA: Impact Analysis, Incident Effect Evaluation, Consequence Assessment, Damage Assessment.
Context:
- It can typically measure Business Impact through revenue loss calculation and customer affect metrics.
- It can typically evaluate Technical Impact via system downtime measurement and service degradation levels.
- It can typically assess User Impact including affected user count and user experience degradation.
- It can typically determine Compliance Impact through regulatory violation assessment and audit findings.
- It can typically calculate Reputational Impact using brand damage indicators and customer trust metrics.
- ...
- It can often identify Cascading Effect across interconnected systems and dependent services.
- It can often quantify Recovery Cost including restoration expenses and mitigation investments.
- It can often estimate Productivity Loss from workflow disruption and operational delays.
- It can often reveal Data Impact such as data loss volume and data integrity compromise.
- ...
- It can range from being a Preliminary Incident Impact Assessment to being a Comprehensive Incident Impact Assessment, depending on its assessment depth.
- It can range from being a Qualitative Incident Impact Assessment to being a Quantitative Incident Impact Assessment, depending on its measurement approach.
- It can range from being a Immediate Incident Impact Assessment to being a Long-term Incident Impact Assessment, depending on its temporal scope.
- It can range from being a Local Incident Impact Assessment to being a Enterprise-wide Incident Impact Assessment, depending on its organizational scope.
- It can range from being a Single-Domain Incident Impact Assessment to being a Multi-Domain Incident Impact Assessment, depending on its impact breadth.
- ...
- It can be conducted through Impact Analysis Framework using assessment methodology.
- It can be documented in Incident Report Document for management review.
- It can be supported by Impact Measurement Tool and analytics platforms.
- It can be validated through Stakeholder Verification and data correlation.
- It can be utilized for Incident Prioritization and resource allocation decisions.
- ...
Example(s):
- Security Incident Impact Assessments, such as:
  - Data Breach Impact Assessment measuring exposed record count and privacy violation.
  - Ransomware Impact Assessment calculating encryption damage and ransom demand.
  - DDoS Attack Impact Assessment evaluating service availability loss and traffic cost.
- Operational Incident Impact Assessments, such as:
  - System Outage Impact Assessment quantifying downtime duration and transaction loss.
  - Supply Chain Disruption Assessment measuring delivery delay and inventory shortage.
  - Manufacturing Stoppage Assessment calculating production loss and deadline impact.
- Financial Incident Impact Assessments, such as:
  - Trading System Failure Assessment measuring transaction failure and market loss.
  - Payment Processing Impact Assessment calculating payment delay and fee penalty.
  - Fraud Incident Assessment quantifying monetary loss and account compromise.
- Healthcare Incident Impact Assessments, such as:
  - Patient Care Disruption Assessment evaluating treatment delay and safety risk.
  - Medical System Failure Assessment measuring diagnostic impact and procedure cancellation.
  - HIPAA Breach Assessment calculating record exposure and compliance violation.
- ...
Counter-Example(s):
- Risk Assessment, which evaluates potential future impacts rather than actual incident consequences.
- Performance Baseline Measurement, which establishes normal operational metrics rather than incident damage.
- Capacity Planning Analysis, which projects resource needs rather than assessing incident effects.
See: Risk Analysis Task, Business Impact Analysis, Incident Management Process, Crisis Management, Disaster Recovery Planning, Cost-Benefit Analysis, Service Level Agreement, Compliance Assessment, Stakeholder Analysis, Performance Measurement Framework.

Retrieved from "http://www.gabormelli.com/RKB/index.php?title=Incident_Impact_Assessment&oldid=960402"