SSCP · Question #390
SSCP Question #390: Real Exam Question with Answer & Explanation
The correct answer is C: At least once a year. As stated in SP 800-34 Rev. 1: To be effective, the plan must be maintained in a ready state that accurately reflects system requirements, procedures, organizational structure, and policies. During the Operation/Maintenance phase of the SDLC, information systems undergo frequent
Question
How often should a Business Continuity Plan be reviewed?
Options
- AAt least once a month
- BAt least every six months
- CAt least once a year
- DAt least Quarterly
Explanation
As stated in SP 800-34 Rev. 1: To be effective, the plan must be maintained in a ready state that accurately reflects system requirements, procedures, organizational structure, and policies. During the Operation/Maintenance phase of the SDLC, information systems undergo frequent changes because of shifting business needs, technology upgrades, or new internal or external policies. As a general rule, the plan should be reviewed for accuracy and completeness at an organization- defined frequency (at least once a year for the purpose of the exam) or whenever significant changes occur to any element of the plan. Certain elements, such as contact lists, will require more frequent reviews. Remember, there could be two good answers as specified above. Either once a year or whenever significant changes occur to the plan. You will of course get only one of the two presented within
Topics
Community Discussion
No community discussion yet for this question.