Systems Security Certified Practitioner – SSCP – Question0589

In which of the following phases of system development life cycle (SDLC) is contingency planning most important?

A.
Initiation
B. Development/acquisition
C. Implementation
D. Operation/maintenance

Correct Answer: A

Explanation:

Contingency planning requirements should be considered at every phase of SDLC, but most importantly when a new IT system is being conceived. In the initiation phase, system requirements are identified and matched to their related operational processes, allowing determination of the system’s appropriate recovery priority.
Source: SWANSON, Marianne, & al., National Institute of Standards and Technology (NIST), NIST Special Publication 800-34, Contingency Planning Guide for Information Technology Systems, December 2001 (page 12).
and The Official ISC2 Guide to the CBK, Second Edition, Application Security, page 180-185