1.0 Purpose
Refer to the Business Impact Analysis Policy for a review of the objectives behind creating a Business Impact Analysis.
2.0 System Description
What follows is a general description of FinGoal’s system architecture and functionality, along with the OS, location, and external connections for each system. For more information on FinGoal’s system architecture, refer to the FinGoal system architecture diagrams.For more details on FinGoal’s Cloud Infrastructure.
Untitled
3.0 Outage Impacts
Note: Unless otherwise stated, the impact category severe on each of the following entries is characterized by the following:
- Loss of data
- Exposure of sensitive consumer data
- Security audits and contracting to locate vulnerabilities
- Discovery, remediation, and prevention of critical security vulnerabilities
3.1 FinSightAPI Core
- Moderate: Core services experience long downtime, resulting in loss of consumer data and disruption of service to several clients. Core must be restored within the acceptable window and cause of the disruption must be located and remedied.
- Minimal: Core services lose connectivity with another FinGoal operated service, valuable proprietary information is lost and must be restored after the fact.
3.2 FinGoal Backend
- Moderate: New Yodlee users cannot be created and new Yodlee data is unable to enter the FinGoal ecosystem. FinGoal mobile application will no longer function. Steps must be taken to reestablish connection and redeploy.
- Minimal: FinGoal mobile application is temporarily unavailable for demo purposes until an error is resolved or a deploy is rolled back to a stable release.
3.3 FinSight Engine
- Moderate: FinGoal’s human advice curators are unable to generate new advice for the duration of the downtime, and FinGoal’s advice administrators cannot manage and QA check automated advice or user coverage levels.
- Minimal: FinGoal’s human advice curators are forced to resort to CURL requests against the Core API to do their work until the platform is restored.