Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

ISC2 CISSP Exam - Topic 5 Question 110 Discussion

Actual exam question for ISC2's CISSP exam
Question #: 110
Topic #: 5
[All CISSP Questions]

A Business Continuity Plan (BCP) is based on

Show Suggested Answer Hide Answer
Suggested Answer: C

A Business Continuity Plan (BCP) is based on a review of the business processes and procedures. A BCP is a document that describes the strategies, actions, and resources that an organization will use to ensure the continuity of its critical business functions in the event of a disruption or disaster. A review of the business processes and procedures is a process that analyzes the current state of the organization's operations, such as the inputs, outputs, dependencies, resources, and risks of each business process or procedure. A review of the business processes and procedures helps to identify the critical business functions, the recovery objectives, the recovery strategies, and the recovery roles and responsibilities that form the basis of the BCP. The policy and procedures manual, an existing BCP from a similar organization, and a standard checklist of required items and objectives are not the best sources for basing a BCP, as they may not reflect the specific needs, goals, and context of the organization or its business processes and procedures.Reference:CISSP All-in-One Exam Guide, Eighth Edition, Chapter 7, Security Operations, page 899.Official (ISC)2 CISSP CBK Reference, Fifth Edition, Chapter 7, Security Operations, page 915.


by Jospeh at Nov 22, 2025, 10:13 PM

Limited Time Offer

25%

Off

Get Premium CISSP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Stefany
1 day ago
Overall, C feels most comprehensive for planning.
upvoted 0 times
...
Jutta
7 days ago
I feel D is too generic. Checklists miss specifics.
upvoted 0 times
...
Portia
12 days ago
A is also valid. Policies guide the BCP.
upvoted 0 times
...
Latosha
17 days ago
I agree, C makes sense. Understand the business first.
upvoted 0 times
...
Rodrigo
22 days ago
Wait, are we really saying B is a good option?
upvoted 0 times
...
Delisa
27 days ago
D is just a checklist, not a real plan.
upvoted 0 times
...
Rosina
2 months ago
I think B could work too, but it’s not ideal.
upvoted 0 times
...
Willis
2 months ago
Definitely C, you need to know your processes!
upvoted 0 times
...
Mirta
2 months ago
B might work in a pinch, but why reinvent the wheel when you can build it from the ground up?
upvoted 0 times
...
Jamika
2 months ago
Haha, using another company's BCP? That's like copying your neighbor's homework!
upvoted 0 times
...
Mila
2 months ago
D is too generic, a checklist alone won't capture the nuances of our organization.
upvoted 0 times
...
Estrella
2 months ago
I agree, a thorough review of business processes is key to a robust BCP.
upvoted 0 times
...
Carry
3 months ago
Option C seems the most comprehensive approach to developing a BCP.
upvoted 0 times
...
Jina
3 months ago
I'm leaning towards option C, but I wonder if the policy manual also plays a significant role in shaping the BCP.
upvoted 0 times
...
Estrella
3 months ago
I feel like the checklist option could be useful, but it seems too generic for a comprehensive BCP.
upvoted 0 times
...
Alise
3 months ago
I'm a bit confused on this one. I'll have to think it through carefully and review my notes on BCPs before deciding.
upvoted 0 times
...
Francisca
3 months ago
C makes the most sense to me. Understanding the core business processes is key to building an effective continuity plan.
upvoted 0 times
...
Herminia
3 months ago
I'm leaning towards D. A standard checklist of required items and objectives seems like it would be a helpful framework for developing a comprehensive BCP.
upvoted 0 times
...
Xochitl
4 months ago
I remember practicing a question similar to this, and I think it mentioned that existing BCPs can be helpful, but they shouldn't be the only source.
upvoted 0 times
...
Freida
4 months ago
I think it's C. Reviewing processes is key.
upvoted 0 times
...
Krystina
4 months ago
I think the BCP should really be based on a review of business processes, but I'm not entirely sure if that's the only factor.
upvoted 0 times
...
Lorriane
4 months ago
Surprised that people think A is enough!
upvoted 0 times
...
Fernanda
4 months ago
But B could work too. Learning from others is smart.
upvoted 0 times
...
Carolann
5 months ago
Hmm, I'm not sure. I was thinking B might be the right answer since using an existing BCP from a similar organization could be a good starting point.
upvoted 0 times
...
Tambra
5 months ago
I think C is the best answer here. A BCP should be based on a thorough review of the business processes and procedures to identify critical functions and risks.
upvoted 0 times
...

Save Cancel