CISSP – Information Systems Security Management Professional (ISSMP) — Question 39
Mark works as a security manager for SoftTech Inc. He is involved in the BIA phase to create a document to be used to help understand what impact a disruptive event would have on the business. The impact might be financial or operational. Which of the following are the objectives related to the above phase in which
Mark is involved? Each correct answer represents a part of the solution. Choose three.
Answer options
- A. Resource requirements identification
- B. Criticality prioritization
- C. Down-time estimation
- D. Performing vulnerability assessment
Correct answer: A, B, C
Explanation
The correct answers A, B, and C are directly related to understanding the impact of disruptive events through resource identification, prioritizing critical areas, and estimating potential downtime. Option D, while important in security management, does not directly pertain to the objectives of the BIA phase focused on impact analysis.