CISM Certified Information Security Manager – Question0863

A business impact analysis should be periodically executed PRIMARILY to:

A.
validate vulnerabilities on environmental changes.
B. analyze the importance of assets.
C. verify the effectiveness of controls.
D. check compliance with regulations.

Correct Answer: A