Certified Information Security Manager (CISM) — Question 1136

When performing a business impact analysis (BIA), which of the following is the MOST important reason to determine the maximum tolerable downtime (MTD)?

Answer options

• A. To determine the data needed for a timely recovery
• B. To assist in developing recovery strategies
• C. To facilitate selection of the technologies needed to recover
• D. To establish resources needed for a successful recovery

Correct answer: B

Explanation

The correct answer is B because understanding the MTD is crucial for developing effective recovery strategies that align with business needs. Options A, C, and D, while important, are secondary considerations that depend on the recovery strategies established based on the MTD.