Certified Information Security Manager (CISM) — Question 939
When creating an incident response plan, the triggers for the business continuity plan (BCP) MUST be based on:
Answer options
- A. a threat assessment.
- B. recovery time objectives (RTOs).
- C. a business impact analysis (BIA).
- D. a risk assessment.
Correct answer: C
Explanation
The correct answer is C. A business impact analysis (BIA) identifies critical business functions and the impact of disruptions, which makes it essential for establishing BCP triggers. Options A, B, and D, while important, do not focus specifically on the direct impact of business interruptions, which is the primary concern of a BIA.