nerdexam
(ISC)2

CISSP · Question #746

A security professional has just completed their organization's Business Impact Analysis (BIA). Following Business Continuity Plan/Disaster Recovery Plan (BCP/DRP) best practices, what would be the pr

The correct answer is A. Identify and select recovery strategies.. The next step after completing the organization's Business Impact Analysis (BIA) is to identify and select recovery strategies. A BIA is a process of analyzing the potential impact and consequences of a disruption or disaster on the organization's critical business functions and

Submitted by naveen.iyer· Mar 5, 2026Security Operations

Question

A security professional has just completed their organization's Business Impact Analysis (BIA). Following Business Continuity Plan/Disaster Recovery Plan (BCP/DRP) best practices, what would be the professional's NEXT step?

Options

  • AIdentify and select recovery strategies.
  • BPresent the findings to management for funding.
  • CSelect members for the organization's recovery teams.
  • DPrepare a plan to test the organization's ability to recover its operations.

How the community answered

(63 responses)
  • A
    79% (50)
  • B
    6% (4)
  • C
    11% (7)
  • D
    3% (2)

Explanation

The next step after completing the organization's Business Impact Analysis (BIA) is to identify and select recovery strategies. A BIA is a process of analyzing the potential impact and consequences of a disruption or disaster on the organization's critical business functions and processes. A BIA helps to identify the recovery objectives, priorities, and requirements for the organization. Based on the BIA results, the organization should identify and select the recovery strategies that are suitable and feasible for restoring the critical business functions and processes within the acceptable time frame and cost. The recovery strategies may include technical, operational, organizational, or contractual solutions, such as backup systems, alternate sites, mutual aid agreements, or insurance policies.

Topics

#Business Continuity Planning (BCP)#Disaster Recovery Planning (DRP)#Business Impact Analysis (BIA)#Recovery strategies

Community Discussion

No community discussion yet for this question.

Full CISSP Practice