CISSP · Question #1311
All of the following items should be included in a Business Impact Analysis (BIA) questionnaire EXCEPT questions that
The correct answer is A. determine the risk of a business interruption occurring. A Business Impact Analysis (BIA) focuses on the consequences and effects of a disruption, not on the likelihood of one occurring. Risk probability assessment is a separate function belonging to risk analysis, not the BIA.
Question
Options
- Adetermine the risk of a business interruption occurring
- Bdetermine the technological dependence of the business processes
- CIdentify the operational impacts of a business interruption
- DIdentify the financial impacts of a business interruption
How the community answered
(31 responses)- A77% (24)
- B13% (4)
- C3% (1)
- D6% (2)
Why each option
A Business Impact Analysis (BIA) focuses on the consequences and effects of a disruption, not on the likelihood of one occurring. Risk probability assessment is a separate function belonging to risk analysis, not the BIA.
A BIA is specifically designed to analyze the impact and consequences of a business interruption after it occurs, not to determine the probability or risk likelihood of one happening. Assessing the likelihood of a disruption is the function of a Risk Assessment or Risk Analysis process, which is a distinct activity performed separately from the BIA. Including risk probability questions would conflate two separate disciplines within business continuity planning.
Identifying technological dependencies of business processes is a standard BIA component, as it helps determine which IT systems and infrastructure are critical to operations and must be recovered to restore business functions.
Identifying operational impacts - such as loss of productivity, inability to deliver services, or staffing disruptions - is a core purpose of the BIA questionnaire and directly informs recovery priorities.
Quantifying financial impacts, such as lost revenue, contractual penalties, or increased costs resulting from a disruption, is a fundamental objective of the BIA and is used to justify recovery investments and set recovery time objectives.
Concept tested: Business Impact Analysis scope versus risk assessment
Source: https://www.ready.gov/business-impact-analysis
Topics
Community Discussion
No community discussion yet for this question.