Which control mechanism is the process by which an organization reduces the likelihood of a risk event occurring or mitigates the effects should it occur?
Correct Answer: B
Explanation Risk control is the control mechanism that is the process by which an organization reduces the likelihood of a risk event occurring or mitigates the effects should it occur. Risk control is the process of implementing measures or actions to modify or influence the risk level of an organization. Risk control can involve various strategies, such as avoidance, reduction, transfer, sharing, retention, or acceptance. Risk control can help to improve the organization's resilience and performance. Verified References: https://www.investopedia.com/terms/r/risk-control.asphttps://www.thebci.org/training-qualifications/good-practi
Question 2
BIA helps you identify
Correct Answer: D
Explanation BIA helps to identify all of the above aspects of an organization's functions and processes. It helps to identify the critical services and products that the organization delivers to its customers and stakeholders, and the functions and processes that support them. It also helps to identify the critical interdependencies and interested parties that are involved in or affected by the organization's functions and processes, such as suppliers, partners, regulators, or employees. Moreover, it helps to identify the tangible and intangible impacts of a disruption tothe organization's functions and processes over a period of time, such as financial losses, reputational damage, legal liabilities, or customer dissatisfaction. Verified References: https://www.ready.gov/business-impact-analysishttps://drii.org/resources/professionalpractices/EN
Question 3
Which of the following are three components of business continuity plan? (Choose three)
Correct Answer: A,B,E
Explanation The three components of a business continuity plan are emergency response, incident management, and disaster recovery. They are: Emergency response: This component involves the immediate actions taken to protect the life, health, and safety of people and the environment in the event of a disruption. Emergency response may include activating alarms, evacuating premises, contacting emergency services, or providing first aid. Incident management: This component involves the coordination and communication of the activities and resources required to manage and resolve a disruption. Incident management may include activating the business continuity team, declaring a disaster, assessing the impact, activating the recovery strategies, or communicating with stakeholders. Disaster recovery: This component involves the restoration and recovery of the IT systems, data, and infrastructure that support the critical functions and processes of the organization. Disaster recovery may include activating the backup systems, restoring the data, repairing or replacing the equipment, or testing the functionality. Verified References: https://www.ready.gov/business-continuity-plan https://www.csoonline.com/article/515730/business-continuity-and-disaster-recovery-planning-the-basics.
Question 4
Which statement is authorized at an appropriate level and should codify the company's attitude to a particular risk?
Correct Answer: D
Explanation A policy statement is a statement that is authorized at an appropriate level and should codify the company's attitude to a particular risk. A policy statement is a document that defines the scope, objectives, principles, roles, and responsibilities of a business continuity management program. It should also express the organization's commitment to managing risks and ensuring continuity of its critical functions and processes. A policy statement should be approved by senior management and communicated to all relevant stakeholders. Verified References: https://www.iso.org/publication/PUB100442.htmlhttps://phoenixnap.com/blog/what-is-business-continuity-mana
Question 5
Which of the following exercises involve all teams?
Correct Answer: A
Explanation A full-scale exercise is a type of exercise that involves all teams. A full-scale exercise is a high-pressure exercise that simulates a realistic scenario of a disruption that affects all or most of the organization's functions and processes. A full-scale exercise tests the effectiveness and efficiency of the plans, procedures, systems, teams, and resources that are required to respond to and recover from a disruption. A full-scale exercise also evaluates the coordination and communication among all the teams and stakeholders involved. Verified References: https://www.ready.gov/business-continuity-planhttps://www.csoonline.com/article/515730/business-continuity-a
