[OR] [P2] [S3] [ITo] [C5] Key Components of Impact Tolerance

[P2] [S3] Chapter 5

Key Components of Impact Tolerance

Introduction

Setting impact tolerance is not an abstract exercise—it requires organisations to define clear, measurable thresholds that determine when disruption becomes unacceptable.

These thresholds must reflect the real-world consequences of service disruption across multiple dimensions, including customers, financial performance, regulatory compliance, and broader systemic stability.

To achieve this, organisations must break down impact tolerance into specific, quantifiable components. These components provide the basis for consistent assessment, enable comparison across Critical Business Services (CBS), and support scenario testing and validation.

This chapter outlines the key components of impact tolerance to ensure that tolerance levels are both defensible and operationally meaningful.

Purpose of the Chapter

The purpose of this chapter is to define the measurable elements used in setting impact tolerance, enabling organisations to:

• Establish clear thresholds for acceptable disruption
• Quantify the impact of service outages across multiple dimensions
• Align tolerance levels with customer, regulatory, and business expectations
• Support scenario-based calibration and testing
• Enable consistent monitoring and reporting

Maximum Tolerable Downtime (MTD)

Maximum Tolerable Downtime (MTD) represents the maximum duration that a Critical Business Service can be disrupted before the impact becomes unacceptable.

It is one of the most fundamental components of impact tolerance and answers the question:

“How long can this service be unavailable before it causes intolerable harm?”

Key Considerations

• Defined at the CBS or Sub-CBS level, not at the individual system level
• Based on customer impact, not just operational inconvenience
• May vary depending on:
• Time of day (e.g., peak vs non-peak hours)
• Business cycles (e.g., month-end, payroll periods)
• Should be validated through scenario testing

Example

• Payment processing service: MTD = 2 hours
• Customer onboarding service: MTD = 24 hours

MTD provides the time boundary within which recovery and continuity strategies must operate.

Maximum Tolerable Data Loss (MTDL)

Maximum Tolerable Data Loss (MTDL) defines the maximum amount of data that can be lost without causing unacceptable impact.

It complements MTD by addressing data integrity and continuity, which are critical in digital and financial environments.

Key Considerations

• Expressed in terms of:
• Time (e.g., last 15 minutes of transactions)
• Volume (e.g., number of records)
• Critical for services involving:
• Financial transactions
• Customer records
• Regulatory reporting
• Closely linked to Recovery Point Objective (RPO)

Example

• Real-time payment system: MTDL = near zero
• Batch reporting system: MTDL = 4 hours

MTDL ensures that data loss remains within acceptable limits, preserving trust and operational integrity.

Customer Impact Thresholds

Customer impact thresholds define the maximum level of disruption that customers can experience before it becomes unacceptable.

This is a core element of service-centric resilience, focusing on the end-user experience.

Key Dimensions

• Number or percentage of customers affected
• Duration of service unavailability
• Severity of service degradation (e.g., slow processing, partial access)
• Impact on vulnerable customer segments

Examples

• No more than 20% of customers are unable to access online banking for more than 1 hour
• No failed transactions for critical payments above a defined threshold

Customer impact thresholds ensure that resilience is aligned with customer expectations and trust.

Financial Impact Thresholds

Financial impact thresholds define the maximum financial loss the organisation can tolerate due to service disruption.

These losses may arise from:

• Direct revenue loss
• Compensation to customers
• Penalties and fines
• Operational recovery costs

Key Considerations

• Should align with the organisation’s risk appetite
• May include:
• Daily loss limits
• Event-based loss thresholds
• Must consider both direct and indirect financial impacts

Example

• Maximum acceptable loss per disruption event: USD 5 million
• Daily revenue impact threshold: 10% of expected income

Financial thresholds ensure that disruptions remain within economically manageable limits.

Regulatory Impact Thresholds

Regulatory impact thresholds define the level of disruption that would result in non-compliance with laws, regulations, or supervisory expectations.

This component is particularly critical for regulated industries, such as financial services.

Key Considerations

• Breach of regulatory reporting timelines
• Failure to meet service obligations
• Violation of data protection requirements
• Non-compliance with operational resilience guidelines

Examples

• Zero tolerance for missed regulatory reporting deadlines
• No breach of customer data confidentiality

Regulatory thresholds often represent hard limits, where any breach is considered unacceptable.

Reputational Impact Considerations

Reputational impact reflects the potential damage to the organisation’s brand, trust, and market confidence resulting from service disruption.

While less quantifiable, it is a critical component of impact tolerance.

Key Indicators

• Negative media coverage
• Social media sentiment
• Customer complaints and attrition
• Loss of investor confidence

 Approach 

• Use proxy measures, such as:
• Number of complaints
• Duration of public-facing outages
• Incorporate into scenario analysis

Reputational considerations ensure that impact tolerance accounts for long-term consequences beyond immediate operational impact.

Systemic Risk Implications

Systemic risk implications assess whether a disruption could impact the broader financial system, market stability, or critical infrastructure.

This is especially relevant for organisations that are:

• Systemically important financial institutions
• Key service providers in critical sectors
• Highly interconnected within industry ecosystems

Key Considerations

• Cascading effects on other institutions
• Market disruption or liquidity impact
• Loss of confidence in the financial system
• Dependency on shared infrastructure (e.g., payment networks, clearing systems)

Examples

• Disruption to interbank payment systems
• Failure of a major clearing or settlement service

Systemic risk elevates impact tolerance from an organisational concern to a sector-wide and regulatory priority.

Integrating the Components

These components should not be viewed in isolation. Effective impact tolerance setting requires an integrated approach, where:

• Time (MTD)
• Data (MTDL)
• Customer impact
• Financial impact
• Regulatory constraints
• Reputational consequences
• Systemic implications

are evaluated collectively to define a comprehensive tolerance threshold.

Example of Integrated View

The effectiveness of impact tolerance depends on how well it is defined, measured, and integrated across multiple impact dimensions.

By breaking it down into key components, organisations can move from abstract concepts to practical, actionable thresholds.

These components provide the foundation for:

• Scenario testing
• Resilience strategy design
• Governance and decision-making
• Continuous monitoring and improvement

In the next chapter, we will explore the methodology for setting impact tolerance, providing a structured, step-by-step approach to applying these components in practice.