ISOL 53303 HarrisburgU Business Continuity Planning Questions
1. What is the goal and purpose of a business impact analysis (BIA)?
2. Why is a business impact analysis (BIA) an important first step in defining a business continuityplan (BCP)?
3. What is the definition of recovery time objective (RTO)? Why is this important to define in an ITSecurity Policy Definition as part of the business impact analysis (BIA) or business continuityplan (BCP)?
4. How do risk management and risk assessment relate to a business impact analysis (BIA) for an ITinfrastructure?
5. True or false: If the recovery point objective (RPO) metric does not equal the recovery timeobjective (RTO), you can potentially lose data that might not be backed up. This represents a gapin potential lost or unrecoverable data.
6. If you have an RPO of 0 hours, what does that mean?
7. What must you explain to executive management when defining RTO and RPO objectives for theBIA?
8. What questions do you have for executive management in order to finalize your BIA?
9. Why do customer service business functions typically have a short RTO and RPO maximumallowable time objective?
10. To write backup and recovery procedures, you need to review the IT systems, hardware, software,and communications infrastructure that supports business operations and functions, and you needto define how to maximize availability. This alignment of IT systems and components must bebased on business operations, functions, and prioritizations. This prioritization is usually theresult of a risk assessment and how those risks, threats, and vulnerabilities impact businessoperations and functions. What is the proper sequence of development and implementation for thefollowing plans?:
Business Continuity Plan:
Disaster Recovery Plan:
Risk Management Plan:
Business Impact Analysis: