CERTIFIED-IN-CYBERSECURITY Question #287: Real Exam Question with Answer & Explanation

Question

How does a Business Impact Analysis (BIA) contribute to the disaster recovery planning process?

Options

• ABy avoiding the consideration of potential impacts on the organization
• BBy disregarding the need for a coordinated response to a disaster
• CBy identifying the critical systems and processes that must be prioritized
• DBy focusing solely on preventing disasters from occurring

Explanation

A BIA is an essential step in the disaster recovery planning process, as it helps organizations understand the potential impacts of a disaster or major incident on their operations and identify the systems and processes that are most critical to their continued functioning (see ISC2 Study Guide, Module 3, under Disaster Recovery). In practice, BIA helps organizations prioritize their recovery efforts. Imagine a company that conducts a BIA and identifies systems such as order processing, inventory management, CRM, and communication infrastructure as vital to the company's operation. With the BIA findings, the company prioritizes recovery efforts, allocates resources, and develops a detailed recovery plan, ensuring business continuity. The BIA serves as a foundation for implementing preventive measures like redundant hardware, off-site backups, data encryption, and employee training on emergency response protocols. The remaining options are not accurate descriptions of the purpose of a BIA. Focusing solely on preventing disasters from occurring is not sufficient to ensure an effective disaster recovery plan. Disregarding the need for a coordinated response to a disaster and avoiding the consideration of potential impacts on the organization are not recommended approaches for disaster recovery planning

No community discussion yet for this question.