















Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Guidance on defining a business continuity problem statement, which is a crucial step in the business continuity planning process. It explains that a well-defined problem statement helps provide senior management with a clear direction for future decisions and demonstrates their commitment to the business continuity planning effort. The document also covers other important aspects of the business continuity program initiation and management, such as gaining senior management support, developing a budget, and communicating the project plan to various stakeholders. Additionally, it addresses key topics like risk assessment, recovery strategies, emergency response procedures, and the importance of training and awareness programs. Overall, this document offers valuable insights into the foundational elements of establishing an effective business continuity management program within an organization.
Typology: Exams
1 / 23
This page cannot be seen from the preview
Don't miss anything!
















A. Develop a detailed project plan B. Identify project objectives and risks C. Gain senior management commitment to project D. Establish framework of project - Precise Answer โโC. Gain senior management commitment to project 10.Planning, organizing and managing tasks and resources can best be described as... A. Strategy development B. Data gathering C. Coordinating with external agencies D. Project planning - Precise Answer โโD. Project planning 11.Which of the following best describes the steps taken to identify and mitigate risk? A. Reduction B. Restoration C. Recovery D. Response - Precise Answer โโA.
A. Loss of access to facilities B. A tornado C. Lack of fire suppression systems D. Clean desk policy procedures - Precise Answer โโD. Clean desk policy procedures 15.The result of performing a risk analysis is A. All risks are eliminated B. All risk will be mitigated to prevent a disaster C. To determine where mitigating factors should be implemented D. To prevent a risk from occurring and causing a disaster - Precise Answer โโC. To determine where mitigating factors should be implemented 16.Which answer describes the purpose of a business impact analysis? A. To calculate the probability of disruptions to the organization B. To evaluate the effectiveness of existing controls and safeguards C. To identify which business processes and assets require the highest level of protection, establishing priorities,
and a time line D. To develop preparations and procedures for responding to a disaster - Precise Answer โโC. To identify which business processes and assets require the highest level of protection, establishing priorities, and a time line 17.Which of the following is an example of a qualitative impact? A. Loss of sales B. Loss of employee morale C. Loss of revenue due to penalties D. Extra expense - Precise Answer โโB. Loss of employee morale 18.Which of the following is an example of a quantitative impact? A. Lower level of customer service B. A disruption of quality assurance C. Loss of sales D. Reduced financial credibility - Precise Answer โโC. Loss of sales
21.What is the purpose of developing recovery strategies? A. Protects viability of the organization by positioning it to respond quickly and appropriately in an emergency event B. Sufficiently exercises documented procedures C. Positions organization to have zero downtime following an emergency event D. Ensures procedures for verifying critical recovery resources are implemented and functioning properly - Precise Answer โโA. Protects viability of the organization by positioning it to respond quickly and appropriately in an emergency event 22.Which of the following would be considered an internal recovery strategy? A. Duplicate site/distributed workload B. Vendor hot site C. Commercial recovery center D. Supplier service level agreements - Precise Answer โโA. Duplicate site/distributed workload 23.Which of the following best describes a "Hot Site"?
A. Environmental infrastructure for technology operations B. Agreement with a similar industry to provide recovery capabilities C. Provides business services D. Fully operational facility - Precise Answer โโD. Fully operational facility 24.What is the purpose of conducting a cost/benefit analysis? A. To compare the cost of the strategy with the risk to the organization B. It is required for DRII certification C. Management requires this information D. It is a requirement for the budget - Precise Answer โโA. To compare the cost of the strategy with the risk to the organization 25.What statement describes a potential qualitative business impact? A. The loss of market share B. Extra expense incurred C. A lower level of customer service D. Penalties on the revenue stream - Precise Answer โโC.
28.What is the role of an executive during an emergency event? A. Orders the evacuation and shutdown of the facility B. During a disaster, assists in the implementation of response and alternate operating strategies C. Attends to duties they are trained for; addresses the Board and critical customers D. Takes charge of emergency response activities - Precise Answer โโC. Attends to duties they are trained for; addresses the Board and critical customers 29.Which team focuses on stabilizing and returning the organization to normal operations as quickly as possible after the plan has been activated and provides support and resources? A. The Budget team B. The Risk Management & Insurance Team C. The Crisis Management Team D. The Facilities and Finance Team - Precise Answer โโC. The Crisis Management Team 30.What is the purpose of escalation procedures?
A. To determine the severity level of an event and the appropriate response B. To select the appropriate recovery response for each potential cause of disruption C. To mobilize the Crisis Management Team D. To enable the organization to restore all business functions - Precise Answer โโA. To determine the severity level of an event and the appropriate response 31.What is the most important purpose of emergency response procedures and plans? A. Prevent/limit degradation to critical functions and services B. Assure owners/investors that the organization is stable and all critical functions are recoverable C. Continuation of the mission and objectives of the organization D. Minimize the exposure to loss of life and property - Precise Answer โโD. Minimize the exposure to loss of life and property 32.What is an example of a procedure that could protect lives?
B. Decreases the amount of time and energy invested by individuals in the effort C. Ensures someone will always be available to develop the plan D. Decreases the potential for a broad spectrum of opinions on issues - Precise Answer โโA. Provides dedicated, focused support in the areas of team members' particular experience and expertise 35.Which answer best describes which plan design approach should be used? A. It should be determined by the software tool being used B. It is usually determined by the consulting team C. It should fit the needs of the organization D. It is determined by the critical processes of the organization - Precise Answer โโC. It should fit the needs of the organization 36.In which section of the Business Continuity Plan should the Disaster Declaration guidelines be documented? A. Incident Management B. Critical Key Processes
C. Overview D. Disaster Recovery Procedures - Precise Answer โโA. Incident Management 37.After developing business continuity strategies and emergency response procedures, the next step is: A. Conduct awareness and training B. Perform a Risk Assessment C. Develop a Business Impact Analysis report D. Develop a Business Continuity Plan - Precise Answer โโD. Develop a Business Continuity Plan 38.Why should there be a sustained approach to training and awareness? A. Long-term behavior will change with a short and focused approach B. Job security for the trainer C. The average employee needs repeated exposure to gain understanding D. Change is resisted, training is not - Precise Answer โโC. The average employee needs repeated exposure to gain understanding
41.What is an example of training activities in which all personnel should participate? A. Hazardous materials cleanup B. Project management training C. Power down/power up procedures D. Evacuation, shelter and accountability procedures - Precise Answer โโD. Evacuation, shelter and accountability procedures 42.In order for scenarios to be effective during an exercise, they need to be: A. Simple enough to involve only one functional unit at a time B. Broad enough to address many goals and objectives C. Complex enough to make it difficult to solve D. Realistic & complicated enough to focus planning and exercising on issues that engage participants and exercise major components of the plan - Precise Answer โโD. Realistic & complicated enough to focus planning and exercising on issues that engage participants and exercise major components of the plan
43.A program for updating the plan should include: A. The software tool that automatically makes the updates B. Procedures, frequency and personnel responsible for making updates C. The relevant plan owner who will make all decisions regarding plan D. The template used to make the updates - Precise Answer โโB. Procedures, frequency and personnel responsible for making updates 44.What is NOT the role of an internal or external auditor of the plan? A. To work with the planner because both are concerned with the survivability of the organization B. To audit the plan documentation and control procedures C. To be "Guardian or Steward" of the Business Continuity Plan D. To confirm that plan updates are completed and use these updates as audit points on the next exercise - Precise Answer โโC. To be "Guardian or Steward" of the Business Continuity Plan 45.At a minimum, how often should a business continuity plan be updated? A. Once a month