CERTIFIED-IN-CYBERSECURITY · Question #285
CERTIFIED-IN-CYBERSECURITY Question #285: Real Exam Question with Answer & Explanation
The correct answer is C: According to business needs and requirements. The frequency for testing an organization's Business Continuity Plan (BCP) should be determined based on business needs and requirements (see the ISC2 Study Guide, Chapter 2, Module 2), as the frequency of testing should be aligned with the organization's risk profile, operationa
Question
What is the recommended appropriate frequency for testing an organization's Business Continuity Plan (BCP)?
Options
- AEvery six months
- BEvery five year
- CAccording to business needs and requirements
- DAnnually
Explanation
The frequency for testing an organization's Business Continuity Plan (BCP) should be determined based on business needs and requirements (see the ISC2 Study Guide, Chapter 2, Module 2), as the frequency of testing should be aligned with the organization's risk profile, operational needs and any changes in the business environment. For example, an organization operating in a rapidly changing industry may need to test its BCP more frequently, such as quarterly, to ensure that it remains effective in the face of new threats or vulnerabilities. The other options, which suggest testing the BCP annually, every six months, or every five years, are incorrect because they imply a one-size-fits-all approach. While these intervals may be appropriate for some organizations, they may not be sufficient for others. For example, an organization that handles highly sensitive data or operates in a high-risk environment may need to test its BCP more frequently than annually to ensure that it can effectively respond to potential disruptions
Topics
Community Discussion
No community discussion yet for this question.