# Impact Matrix

The (business) impact matrix (BIM) is where you identify the areas that are critical to your organization.

In the impact matrix, you can create groups of devices that represent collections of important assets that you want to monitor. For example, you may be concerned about things such as student records or accounting systems. You can place devices that host this information in a group to monitor them. Then you specify the importance of the assets in the group (critical, high, medium, or low). This is useful when you want to view critical paths other than the defaults that Epiphany provides and you instead want to focus on the devices that represent areas that are important to your organization - your "crown jewels". 

Once you save the group, Epiphany performs path optimization and identifies the many different ways an attacker can access the devices in your group. You can see which devices, of the thousands of devices in your system, are part of your student record system or accounting system.

{% hint style="success" %}
Once you add an item to a group, its membership in the group is shown in its tile in the Path Finder. For example, in the image below, the item is in the **BIM Group** named **Finance** (BIM stands for "business impact matrix"). In this example, a user created an Impact group called Finance and added the item to that group. 

![](/files/rrnz9gCeindoSLn7hqLu)
{% endhint %}

To access the Impact Matrix:

* In the left navigation menu, expand **Attack Path Tools** and then select **Impact Matrix**. A blank canvas displays, which is where you will create a business impact matrix (BIM) group. You create this group by drawing and naming a circle and identifying its level of importance, and then adding assets to the group. 

<figure><img src="/files/LO9KwZhbECnO2bokI4I9" alt=""><figcaption><p>Impact Matrix canvas, ready for you to create a BIM group.</p></figcaption></figure>

* Right-click in the middle of the pane to create a group. Then select **Enable Drawing Mode**. Drag your mouse to draw a circle.&#x20;
* Enter the **Group Name**. For example, name the group **Student Records.** Then select its **Importance** and select **Save.**

<figure><img src="/files/lsbGfYDgiXXYHJ0ZTPDm" alt=""><figcaption><p>Name of the BIM group and its importance.</p></figcaption></figure>

You can now specify which devices are part of your student record system by dragging them from the list on the right into the circle. In the image below, three devices were dragged into the circle, thus indicating they are part of the student record system. The devices are considered important because If those devices are compromised, then the student record system may be lost. Once you save this group by selecting **Save** at the top of the page, Epiphany performs optimization on the devices and their data paths.

<figure><img src="/files/jUm359ThemKJMrwYR3qh" alt=""><figcaption><p>Completed BIM group.</p></figcaption></figure>

The Attack Path icon <img src="/files/Q4u2uiPhSU639drUS8X7" alt="" data-size="line"> indicates a node that's in an attack path. Its color indicates the level of risk (red is higher risk; purple is lower).&#x20;

Right-click on a node and select **Assign Group**, **Node Tags**, or **Node Detail**:

* **Assign Group**: Confirm the group assignment for the node.&#x20;
* **Node Tags**: Assign tags to the node. You can specify a tag's value (i.e., critical, high, medium, or low), which changes its color (red, orange, yellow, or green). You can view tags currently assigned to a node, and you can create custom tags.&#x20;
* **Node Detail**: You can view an amazing amount of information about the device, including its operating system, total number of risks, risk level, primary group, and number of users. You can also view a list of all the device's vulnerabilities. You can also see a list of all installed applications, paths the device is in, and the device's data sources. <br>

  <figure><img src="/files/hKrHkyM20aLqh5SYkhl7" alt=""><figcaption></figcaption></figure>

  <figure><img src="/files/33dWJnoP5Tz5iCCUmo2w" alt=""><figcaption></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.reveald.com/technical-documentation/admin-guides/epiphany-intelligence-platform-administrator-guide/epiphany-tools/impact-matrix.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.