CISSP – Information Systems Security Management Professional (ISSMP) — Question 6

Which of the following recovery plans includes specific strategies and actions to deal with specific variances to assumptions resulting in a particular security problem, emergency, or state of affairs?

Answer options

• A. Business continuity plan
• B. Disaster recovery plan
• C. Continuity of Operations Plan
• D. Contingency plan

Correct answer: D

Explanation

The correct answer is D, as a Contingency plan is designed to address unexpected events and includes detailed strategies for specific situations. In contrast, a Business continuity plan (A) and a Disaster recovery plan (B) focus more broadly on overall operational continuity and recovery from major disruptions, while the Continuity of Operations Plan (C) ensures essential functions continue during emergencies but does not provide the same level of specificity for individual variances.