Certified Information Security Manager (CISM) — Question 1187
Which of the following BEST enables an organization to measure the total time that operations can be sustained at an alternative site designated in the business continuity plan (BCP)?
Answer options
- A. Recovery point objective (RPO)
- B. Allowable interruption window (AIW)
- C. Maximum tolerable outage (MTO)
- D. Recovery time objective (RTO)
Correct answer: C
Explanation
The correct answer is C, Maximum tolerable outage (MTO), as it defines the longest time that an organization can tolerate the disruption of its operations. The other options, while related to recovery processes, do not specifically measure the total time operations can function at an alternative site; RPO focuses on data loss, AIW on acceptable interruption periods, and RTO on the time required to recover operations.