In this paper, Learn about the information security consulting procedure based on the Business Continuity Planning.The purpose of this study is to propose improvements to the configuration according to the consulting process, as follows. First, Focus primarily on control items to apply KISA ISMS certification consulting, ISO 27001(Information Security Management System) certification consulting, Critical Information Infrastructure diagnosis, Finance Information Infrastructure diagnosis. Second, Study definition and key elements of the BCP(Business Continuity Planning), BIA(Business Impact Analysis) to derive the implications. Third, the study suggests a common checklist applicable effective improvements around the business impact analysis (BIA) through the derived implications. Finally, a summary of the measures presented above. Future to include BIA(Business Impact Analysis) procedure checklist for updating that take advantage of management and implement of the BCP.