Isaca Certified in Risk and Information Systems Control CRISC Question # 101 Topic 11 Discussion

CRISC Exam Topic 11 Question 101 Discussion:

Question #: 101

Topic #: 11

The FIRST task when developing a business continuity plan should be to:

determine data backup and recovery availability at an alternate site.

identify critical business functions and resources.

define roles and responsibilities for implementation.

identify recovery time objectives (RTOs) for critical business applications.

Get Premium CRISC Questions

Explanation

A business continuity plan (BCP) is a system of prevention and recovery from potential threats to a company. The plan ensures that personnel and assets are protected and are able to function quickly in the event of a disaster1. The first task when developing a BCP should be to identify critical business functions and resources, because this will help to determine the scope, objectives, and priorities of the plan. Critical business functions and resources are those that are essential for the continuity of the company’s operations, and that would cause significant disruption or damage if they were interrupted or lost. By identifying critical business functions and resources, the company can focus its efforts and resources on protecting and restoring them, and minimizing the impact of a disaster. The other options are not the first task when developing a BCP, because they depend on the identification of critical business functions and resources, as explained below:

A. Determine data backup and recovery availability at an alternate site is a task that relates to the recovery strategy of the BCP, which aims to restore the data and information systems that support the critical business functions and resources. However, this task cannot be performed without first identifying which data and information systems are critical, and what level of availability and recovery they require.

C. Define roles and responsibilities for implementation is a task that relates to the organization and governance of the BCP, which aims to assign and communicate the duties and expectations of the personnel involved in the plan. However, this task cannot be performed without first identifying which personnel are critical, and what functions and resources they are responsible for.

D. Identify recovery time objectives (RTOs) for critical business applications is a task that relates to the analysis and evaluation of the BCP, which aims to measure the acceptable downtime and recovery speed of the critical business functions and resources. However, this task cannot be performed without first identifying which business applications are critical, and what impact and likelihood they have. References = Risk and Information Systems Control Study Manual, Chapter 4, Section 4.2.1, page 115. What Is a Business Continuity Plan (BCP), and How Does It Work?, Business continuity plan (BCP) in 8 steps, with templates | BDC.ca, How Develop a Business Continuity Plan - Invenio IT, Business Continuity Planning | Ready.gov, Develop a Robust Business Continuity Plan | Wrike

Actual exam question for Isaca CRISC exam by Blaise8671 at Oct 9, 2025, 5:08:50 PM

Contribute your Thoughts:

Chosen Answer: A B C D
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Isaca Certified in Risk and Information Systems Control CRISC Question # 101 Topic 11 Discussion

Isaca Certified in Risk and Information Systems Control CRISC Question # 101 Topic 11 Discussion

Correct Answer:

Options Selected by Other Users:

Contribute your Thoughts:

Isaca Certified in Risk and Information Systems Control CRISC Question # 101 Topic 11 Discussion

Isaca Certified in Risk and Information Systems Control CRISC Question # 101 Topic 11 Discussion

Correct Answer:

Options Selected by Other Users:

Contribute your Thoughts:

Awaiting moderator approval