Certified Cloud Security Professional (CCSP) — Question 501

At which stage of the BCDR plan creation phase should security be included in discussions?

Answer options

• A. Define scope
• B. Analyze
• C. Assess risk
• D. Gather requirements

Correct answer: A

Explanation

Security should be included during the 'Define scope' stage to ensure that all aspects of the plan incorporate necessary security measures from the outset. Waiting until later stages like 'Analyze' or 'Assess risk' could lead to gaps in security that are harder to address once the scope is already established. Gathering requirements also relies on an initial understanding of security needs, making early consideration crucial.