Which register maintains information on all the identified risks relating to an organization?
Correct Answer: A
A risk register is a register that maintains information on all the identified risks relating to an organization. A risk register is a document or a tool that records and tracks the details of each risk, such as its description, source, impact, likelihood, rating, owner, status, response strategy, action plan, and monitoring method. A risk register is a useful tool for managing risks and communicating them to stakeholders. Verified References: https://www.investopedia.com/terms/r/risk-register.asphttps://www.thebci.org/training-qualifications/good- practice-guidelines.html
Question 22
In pre-crisis management, CM activities are focused on prevention and preparedness activities.
Correct Answer: A
Explanation In pre-crisis management, CM activities are focused on prevention and preparedness activities. This is true because pre-crisis management is the phase before a crisis occurs, where theorganization tries to anticipate and avoid potential crises or reduce their likelihood and impact. Pre-crisis management involves activities such as risk assessment, business impact analysis, business continuity planning, contingency planning, crisis communication planning, training and awareness, testing and exercising, monitoring and reviewing. Verified References: https://www.cisco.com/c/en/us/solutions/hybrid-work/what-is-business-continuity.htmlhttps://phoenixnap.com/b
Question 23
BIA helps you identify
Correct Answer: D
Explanation BIA helps to identify all of the above aspects of an organization's functions and processes. It helps to identify the critical services and products that the organization delivers to its customers and stakeholders, and the functions and processes that support them. It also helps to identify the critical interdependencies and interested parties that are involved in or affected by the organization's functions and processes, such as suppliers, partners, regulators, or employees. Moreover, it helps to identify the tangible and intangible impacts of a disruption tothe organization's functions and processes over a period of time, such as financial losses, reputational damage, legal liabilities, or customer dissatisfaction. Verified References: https://www.ready.gov/business-impact-analysishttps://drii.org/resources/professionalpractices/EN
Question 24
Which of the following four are action approach crisis and post-crisis management? (Choose four R's)
Correct Answer: A,B,C,D
Explanation The four R's are action approaches for crisis and post-crisis management. They are: Reduction: This approach aims to prevent or mitigate the occurrence or impact of a crisis by identifying and addressing the root causes, vulnerabilities, and risks. Readiness: This approach aims to prepare for a potential crisis by developing plans, policies, procedures, systems, teams, and resources that can enable a timely and effective response. Response: This approach aims to manage a crisis by activating the plans, policies, procedures, systems, teams, and resources that can contain, control, and resolve the situation. Recovery: This approach aims to restore normal operations after a crisis by implementing actions that can repair damages, restore functions and processes, resume services and products, recover losses, and learn lessons. Verified References: https://www.cisco.com/c/en/us/solutions/hybrid-work/what-is-business-continuity.html https://phoenixnap.com/blog/what-is-business-continuity-management
Question 25
Which type of risk occurs due to volatile environments in which businesses operate and the nature of their operations?
Correct Answer: C
Explanation Business risk is the risk of loss or damage to an organization's performance, reputation, assets, or stakeholders due to internal or external factors that affect its ability to achieve its objectives. Business risk can arise from various sources, such as market conditions, customer preferences, competition, technology, regulation, compliance, operations, finance, human resources, or natural disasters. Business risk can have a direct or indirect impact on an organization's profitability, growth, sustainability, or continuity. Verified References: https://www.investopedia.com/terms/b/businessrisk.asphttps://www.thebci.org/training-qualifications/good-pract
