CISM Certified Information Security Manager – Question0538

Which of the following is the PRIMARY reason to conduct periodic business impact assessments?

A.
Improve the results of last business impact assessment
B. Update recovery objectives based on new risks
C. Decrease the recovery times
D. Meet the needs of the business continuity policy

Correct Answer: B