Certified Information Security Manager (CISM) — Question 65

An event occurred that resulted in the activation of the business continuity plan (BCP). All employees were notified during the event, and they followed the plan.
However, two major suppliers missed deadlines because they were not aware of the disruption. What is the BEST way to prevent a similar situation in the future?

Answer options

• A. Ensure service level agreements (SLAs) with suppliers are enforced.
• B. Conduct a vulnerability assessment.
• C. Perform testing of the BCP communication plan.
• D. Provide suppliers with access to the BCP document.

Correct answer: C

Explanation

The correct answer is C because testing the BCP communication plan ensures that all stakeholders, including suppliers, are adequately informed about disruptions in the future. Option A is not effective since enforcing SLAs does not guarantee that suppliers are aware of the BCP. Option B focuses on identifying vulnerabilities rather than improving communication. Option D might help but does not ensure that suppliers will stay informed during actual events.