GIAC Security Leadership Certification (GSLC) — Question 29
Management support and approval has been obtained to move ahead with the objectives of a proposed BCP/DR project.
Which of the following should be performed next?
Answer options
- A. Business impact analysis
- B. Risk analysis
- C. Recovery strategies
- D. Backup site selection
Correct answer: B
Explanation
The next logical step after obtaining management support for a BCP/DR project is to conduct a Risk analysis, as it helps identify potential threats and vulnerabilities that could impact the organization. While a Business impact analysis (A) is also important, it typically follows the Risk analysis to understand the potential effects on business operations. The other options, Recovery strategies (C) and Backup site selection (D), are part of the planning process but occur after assessing risks.