CISM Certified Information Security Manager – Question0139
Which of the following is the BEST reason to perform a business impact analysis (BIA)? A. To help determine the current state of risk B. To budget appropriately for needed controls C. To satisfy regulatory requirements D. To analyze the effect on the business
Correct Answer: A
Explanation:
Explanation:
The BIA is included as part of the process to determine the current state of risk and helps determine the acceptable levels of response from impacts and the current level of response, leading to a gap analysis. Budgeting appropriately may come as a result, but is not the reason to perform the analysis. Performing an analysis may satisfy regulatory requirements, bill is not the reason to perform one. Analyzing the effect on the business is part of the process, but one must also determine the needs or acceptable effect or response.
Please disable your adblocker or whitelist this site!