AN IMPORTANT PART of a business continuity plan (BCP) is a business impact analysis (BIA). The BIA is largely a data collection process. You can gather data through several methods. These include interviews, surveys, meetings, and more. After the data is collected, you can analyze it to determine which functions and resources are critical.
Once you've identified the critical functions and resources, you can identify acceptable outage times. The maximum acceptable outage (MAO) for a resource drives the recovery objectives. The two primary recovery objectives to focus on are recovery time objectives (RTOs) and recovery point objectives (RPOs).