Gitlab hero border pattern left svg Gitlab hero border pattern right svg

BC.1.04 - Business Impact Analysis Control Guidance

BC.1.04 - Business Impact Analysis

Control Statement

GitLab identifies the business impact of relevant threats to assets, infrastructure, and resources that support critical business functions. Recovery objectives are established for critical business functions.


The Business impact analysis (BIA) is a systematic process to determine and evaluate the potential effects of an interruption to critical business operations as a result of a disaster, accident or emergency.


This control is a subset of the Business Continuity control. Business Impact Analysis should exist for all services and teams that have a business continuity plan.



Main points that a high-level BIA should include, are listed below:

Additional control information and project tracking

Non-public information relating to this security control as well as links to the work associated with various phases of project work can be found in the Business Impact Analysis control issue.

Policy Reference

Framework Mapping