Conducting a business impact analysis for business continuity