SSCP Question #422: Real Exam Question with Answer & Explanation

The correct answer is C: Formal approval of BCP scope and initiation document. A vulnerability assessment produces outputs such as quantitative loss assessments (numeric financial impact estimates), qualitative loss assessments (descriptive impact ratings), and defining critical support areas (identifying dependencies and weaknesses). Formal approval of the

Submitted by thandi_sa· Apr 18, 2026Risk Identification, Monitoring and Analysis

Question

Which one of the following is NOT one of the outcomes of a vulnerability assessment?

Options

AQuantative loss assessment
BQualitative loss assessment
CFormal approval of BCP scope and initiation document
DDefining critical support areas

Explanation

A vulnerability assessment produces outputs such as quantitative loss assessments (numeric financial impact estimates), qualitative loss assessments (descriptive impact ratings), and defining critical support areas (identifying dependencies and weaknesses). Formal approval of the BCP scope and initiation document is a management/governance activity that occurs during the BCP initiation phase - it is an administrative milestone, not an output of the vulnerability assessment process itself.

Topics

#Vulnerability Assessment#Risk Management#Business Continuity Planning#Security Assessment Outcomes

Community Discussion

No community discussion yet for this question.

Full SSCP Practice Browse All SSCP Questions