Business Continuity Basics
What is the primary goal of a Business Continuity Plan (BCP)?
To ensure critical business functions continue during and after a disruption.
What is the term for the maximum tolerable period of disruption to a business process?
Maximum Tolerable Downtime (MTD)
What type of threat is a hurricane or earthquake?
Natural disaster
What is the purpose of testing a BCP?
To ensure it works effectively during a real incident.
Who is typically responsible for activating the BCP during an incident?
The Business Continuity Manager or Incident Response Team
What does BIA stand for in business continuity planning?
Business Impact Analysis
What does RTO stand for?
Recovery Time Objective
What is a common internal threat to business continuity?
Insider threat or employee error
What is a tabletop exercise?
A discussion-based session where team members walk through a simulated disaster scenario.
What role does senior management play in business continuity?
Providing support, resources, and strategic direction
What is the difference between a BCP and a Disaster Recovery Plan (DRP)?
BCP focuses on maintaining business operations; DRP focuses on restoring IT systems.
What does RPO stand for?
Recovery Point Objective
What is the term for identifying and evaluating potential risks to business operations?
Risk assessment
How often should a BCP be reviewed and updated?
At least annually or after significant changes.
What is the role of employees in business continuity?
Following procedures and participating in training and drills
What is the first step in developing a BCP?
Conducting a risk assessment and business impact analysis.
What type of backup site is fully equipped and ready to take over operations immediately?
Hot site
What is the difference between a threat and a vulnerability?
A threat is a potential cause of harm; a vulnerability is a weakness that can be exploited.
What is the difference between a full-scale test and a walkthrough?
A full-scale test simulates a real event; a walkthrough is a step-by-step review.
What is a crisis communication plan?
A plan for how to communicate with stakeholders during a disruption
What international standard provides guidelines for business continuity management systems?
ISO 22301
What is the main risk of relying solely on cloud backups for disaster recovery?
Potential internet outages or cloud provider failures can delay recovery.
What is a cascading failure in business continuity?
A failure in one system that triggers failures in interconnected systems.
What is a key challenge in maintaining a BCP?
Keeping it up to date with organizational and technological changes.
What is the role of third-party vendors in business continuity planning?
Ensuring their services and operations align with the organization’s continuity requirements