Which of the following will you put into box 1?
The correct answers are as follows:
Controlling a risk through the development of actions that can minimise the impact the organisation will suffer as a result of the risk event is known as what control?
This is the description of treat mentioned on p. 143. The 4 Ts is a popular exam topic
What is the purpose of a Disaster Recovery Plan?
A Disaster Recovery Plan is to get critical systems operational following an emergency. This is implemented hours after the event. Option 2 describes Incident Response and Option 3 describes a Business Continuity Plan. Option 4 is made up. These definitions and the timeline of when they're activated is on p.108 of the study guide
Which of the following statements is true about a Disaster Recovery Plan? Select TWO
Answers 2 and 4 are correct. A Business Continuity Plan is held at the top level, not a disaster recovery plan. This can be held at the department level- or whoever would have the ability to enact this if a disaster were to happen. A company is likely to have several Disaster Recovery Plans for different departments and different scenarios so several people within the organisation may be accountable for these. Option 3 is incorrect as the focus is on recovering systems (e.g. getting people back online) not on profit. P.155
Which of the following will you put into box 6?
The correct answers are as follows:
