A Model Supporting Business Continuity Auditing and Planning in Information Systems

  • Zambon E
  • Bolzoni D
  • Etalle S
 et al. 
  • 11


    Mendeley users who have this article in their library.
  • N/A


    Citations of this article.


One of the main tasks of IT business continuity planning (BCP) is to guarantee that incidents affecting the IT infrastructure do not affect the availability of IT-dependent business processes beyond a given acceptable extent. Carrying out BCP of information systems is particularly challenging, because it has to take into consideration the numerous interdependencies between the IT assets typically present in an organization. In this paper we present a model and a tool supporting BCP auditing by allowing IT personnel to estimate and validate the recovery time objectives (to be) set on the various processes of the organization. Our tool can be integrated in COBIT-based risk assessment applications. Finally, we argue that our tool can be particularly useful for the dynamic auditing of the BCP.

Get free article suggestions today

Mendeley saves you time finding and organizing research

Sign up here
Already have an account ?Sign in

Find this document


  • Emmanuele Zambon

  • Damiano Bolzoni

  • Sandro Etalle

  • Marco Salvato

Cite this document

Choose a citation style from the tabs below

Save time finding and organizing research with Mendeley

Sign up for free