
Pass Exam Questions Efficiently With CBCP-002 Questions (2023)
CBCP-002 Questions - Truly Beneficial For Your GAQM Exam
NEW QUESTION # 10
Risks are diverse and arise from both external and internal sources.
- A. False
- B. True
Answer: B
Explanation:
Explanation
Risks are diverse and arise from both external and internal sources. This is true because risks are uncertainties that can have positive or negative effects on an organization's objectives. Risks can arise from various sources that are either outside or inside the organization's control. External sources of risk include natural disasters, cyberattacks, market fluctuations, customer preferences, competition, regulation, or political instability.
Internal sources of risk include human error, fraud, system failure, process inefficiency, organizational culture, or strategic decisions. Verified References:
https://www.investopedia.com/terms/b/businessrisk.asphttps://www.thebci.org/training-qualifications/good-pract
NEW QUESTION # 11
Which type of risks result from business decisions that are influenced by changes in markets, liquidity changes and credit risks?
- A. Technical
- B. Operational
- C. Strategic
- D. Financial
Answer: D
Explanation:
Explanation
Financial risks are the risks that result from business decisions that are influenced by changes in markets, liquidity, and credit. Financial risks are the uncertainties or variabilities of the financial performance or position of an organization due to factors such as interest rates, exchange rates, inflation, credit ratings, debt levels, or cash flows. Financial risks can affect an organization's profitability, solvency, liquidity, or valuation.
Verified References:
https://www.investopedia.com/terms/f/financialrisk.asphttps://www.thebci.org/training-qualifications/good-pract
NEW QUESTION # 12
Which certification centre provides the physical infrastructure?
- A. Service
- B. Facility
Answer: B
Explanation:
Explanation
A facility certification center is a center that provides the physical infrastructure for testing and certifying the functionality and performance of products, systems, or services. A facility certification center may have specialized equipment, tools, environments, or standards that can simulate real-world conditions or scenarios.
A facility certification center may also have qualified staff, experts, or auditors who can conduct the testing and certification process. Verified References:
https://www.iso.org/publication/PUB100442.htmlhttps://www.cisco.com/c/en/us/solutions/hybrid-work/what-is-
NEW QUESTION # 13
Which of the following are three components of business continuity plan? (Choose three)
- A. Emergency response
- B. Problem management
- C. Disaster recovery
- D. Incident management
- E. Business recovery
Answer: A,C,D
Explanation:
Explanation
The three components of a business continuity plan are emergency response, incident management, and disaster recovery. They are:
Emergency response: This component involves the immediate actions taken to protect the life, health, and safety of people and the environment in the event of a disruption. Emergency response may include activating alarms, evacuating premises, contacting emergency services, or providing first aid.
Incident management: This component involves the coordination and communication of the activities and resources required to manage and resolve a disruption. Incident management may include activating the business continuity team, declaring a disaster, assessing the impact, activating the recovery strategies, or communicating with stakeholders.
Disaster recovery: This component involves the restoration and recovery of the IT systems, data, and infrastructure that support the critical functions and processes of the organization. Disaster recovery may include activating the backup systems, restoring the data, repairing or replacing the equipment, or testing the functionality. Verified References: https://www.ready.gov/business-continuity-plan
https://www.csoonline.com/article/515730/business-continuity-and-disaster-recovery-planning-the-basics.
NEW QUESTION # 14
BIA helps you identify
- A. Critical services and products
- B. Critical interdependencies and interested parties
- C. Tangible and intangible impact of a disruption over period of time
- D. All of the above
Answer: D
Explanation:
Explanation
BIA helps to identify all of the above aspects of an organization's functions and processes. It helps to identify the critical services and products that the organization delivers to its customers and stakeholders, and the functions and processes that support them. It also helps to identify the critical interdependencies and interested parties that are involved in or affected by the organization's functions and processes, such as suppliers, partners, regulators, or employees. Moreover, it helps to identify the tangible and intangible impacts of a disruption tothe organization's functions and processes over a period of time, such as financial losses, reputational damage, legal liabilities, or customer dissatisfaction. Verified References:
https://www.ready.gov/business-impact-analysishttps://drii.org/resources/professionalpractices/EN
NEW QUESTION # 15
In the event of a disaster, notification shall be given to each employee by either the HR Department Manager or through the firm's emergency notice system.
- A. False
- B. True
Answer: B
Explanation:
Explanation
In the event of a disaster, notification shall be given to each employee by either the HR Department Manager or through the firm's emergency notice system. This is true because communication is a vital component of any disaster recovery and business continuity plan. Employees need to be informed of the situation, their roles and responsibilities, and the actions they need to take to ensure their safety and the continuity of the business.
The HR Department Manager or the emergency notice system are the designated channels for communicating with employees during a disaster. Verified References:
https://www.ready.gov/business-continuity-planhttps://www.csoonline.com/article/515730/business-continuity-a
NEW QUESTION # 16
In pre-crisis management, CM activities are focused on prevention and preparedness activities.
- A. False
- B. True
Answer: B
Explanation:
Explanation
In pre-crisis management, CM activities are focused on prevention and preparedness activities. This is true because pre-crisis management is the phase before a crisis occurs, where theorganization tries to anticipate and avoid potential crises or reduce their likelihood and impact. Pre-crisis management involves activities such as risk assessment, business impact analysis, business continuity planning, contingency planning, crisis communication planning, training and awareness, testing and exercising, monitoring and reviewing. Verified References:
https://www.cisco.com/c/en/us/solutions/hybrid-work/what-is-business-continuity.htmlhttps://phoenixnap.com/b
NEW QUESTION # 17
A disaster lasting longer than seventy-two (72) hours requires implementation of which of the following:
- A. Short Term Business Continuity Plan
- B. Business Continuity and Disaster Recovery Plan
Answer: B
Explanation:
Explanation
A disaster lasting longer than seventy-two (72) hours requires implementation of a business continuity and disaster recovery plan. A business continuity and disaster recovery plan is a comprehensive document that outlines how an organization will respond to and recover from a disaster that disrupts its normal operations. It covers both the IT aspects (disaster recovery) and the business aspects (business continuity) of restoring the critical functions and processes within an acceptable time frame. A disaster lasting longer than seventy-two (72) hours is likely to have significant impacts on the organization's performance, reputation, assets, and stakeholders, and therefore requires a coordinated and structured approach to ensure its survival and resilience.
Verified References:
https://www.ready.gov/business-continuity-planhttps://www.csoonline.com/article/515730/business-continuity-a
NEW QUESTION # 18
Individual accountability for the management of the risk should be clearly established.
- A. False
- B. True
Answer: B
Explanation:
Explanation
Individual accountability for the management of the risk should be clearly established. This is true because accountability is one of the key principles of business continuity management. Accountability means that each person involved in the business continuity management program has a clear understanding of their roles and responsibilities, as well as the authorityand resources to perform them. Accountability also means that each person is held responsible for their actions and outcomes, and that they report on their performance and progress regularly. Verified References:
https://www.iso.org/publication/PUB100442.htmlhttps://phoenixnap.com/blog/what-is-business-continuity-mana
NEW QUESTION # 19
Tolerating risk is where no action is taken to mitigate or reduce a risk.
- A. False
- B. True
Answer: B
Explanation:
Explanation
Tolerating risk is where no action is taken to mitigate or reduce a risk. This is true because tolerating risk is one of the possible strategies for managing risk. Tolerating risk means accepting or retaining a risk without taking any further action to reduce it, either because the risk level is acceptable or because the cost or effort of reducing it is not justified. Tolerating risk may be appropriate for low-priority or low-impact risks that do not pose a significant threat to the organization's objectives. Verified References:
https://www.investopedia.com/terms/t/the-four-ts.asphttps://www.thebci.org/training-qualifications/good-practic
NEW QUESTION # 20
What is the frequency of BCP testing for critical processes?
- A. Half-yearly
- B. Quarterly
- C. Annually
- D. As per calendar planned at beginning of the year
Answer: A
Explanation:
Explanation
BCP testing is the process of verifying the effectiveness of a business continuity plan and ensuring that it meets the business objectives and requirements. BCP testing should be conducted regularly to identify any gaps or weaknesses in the plan and to update it accordingly1. While the number of tests to be conducted depends on the industry background, size and complexity, available resources, and BCP maturity levels, it is recommended that the tests are conducted twice a year for critical processes but at least minimum once a year1.
NEW QUESTION # 21
Which type of risk occurs due to volatile environments in which businesses operate and the nature of their operations?
- A. Auditing Risk
- B. Business Risk
- C. Quality Risk
- D. Project Risk
Answer: B
Explanation:
Explanation
Business risk is the risk of loss or damage to an organization's performance, reputation, assets, or stakeholders due to internal or external factors that affect its ability to achieve its objectives. Business risk can arise from various sources, such as market conditions, customer preferences, competition, technology, regulation, compliance, operations, finance, human resources, or natural disasters. Business risk can have a direct or indirect impact on an organization's profitability, growth, sustainability, or continuity. Verified References:
https://www.investopedia.com/terms/b/businessrisk.asphttps://www.thebci.org/training-qualifications/good-pract
NEW QUESTION # 22
Which of the following should NOT be released in a publicly released BCP?
- A. Process flows
- B. Contact lists
- C. All of the above
- D. BIA results
Answer: C
Explanation:
Explanation
A publicly released BCP is a version of a business continuity plan that is intended for external audiences, such as customers, suppliers, partners, regulators, media, or the public. It should not contain sensitive or confidential information that may compromise the security or privacy of theorganization or its stakeholders.
Therefore, it should not include process flows that detail how each function or process is performed; contact lists that reveal personal or organizational information; BIA results that show criticality ratings or recovery time objectives; or any other information that may expose vulnerabilities or risks. Verified References:
https://www.ready.gov/business-continuity-planhttps://drii.org/resources/professionalpractices/EN
NEW QUESTION # 23
Which phase of the project is the time to maximize on the employees' new awareness and management support?
- A. Benchmark
- B. Milestones
- C. Timelines
- D. Structure
Answer: B
Explanation:
Explanation
Milestones are important events in a project that mark the completion of a major deliverable or the achievement of a key goal. They are a good time to check in with employees and management to see how they are feeling about the project, and to get their feedback on how things are going. This is also a good time to reinforce the importance of the project and to get everyone re-committed to its success.
The other three options are not as good times to maximize on the employees' new awareness and management support. Timelines are important, but they are not as important as milestones in terms of getting people's attention. Benchmarks are useful for tracking progress, but they are not as good for getting people's buy-in.
Structure is important for organizing a project, but it is not as important as milestones for motivating people.
So, the answer to the question is that the milestones phase of the project is the time to maximize on the employees' new awareness and management support.
Here are some specific things that you can do at the milestones phase to maximize on employee awareness and management support:
Hold a team meeting to celebrate the milestone and to discuss the next steps.
Send out a communication to all employees and managers, highlighting the milestone and thanking everyone for their hard work.
Meet with management to discuss the project's progress and to get their feedback.
Use the milestone as an opportunity to reinforce the importance of the project and to get everyone re-committed to its success.
NEW QUESTION # 24
A disaster can also be declared for an illness pandemic where a significant portion of employees are sick.
- A. False
- B. True
Answer: B
Explanation:
Explanation
A disaster can also be declared for an illness pandemic where a significant portion of employees are sick. This is true because an illness pandemic is a type of natural disaster that can affect an organization's ability to continue its normal operations. An illness pandemic can cause absenteeism, reduced productivity, increased costs, supply chain disruptions, customer dissatisfaction, or regulatory compliance issues. Therefore, an organization may need to declare a disaster and activate its business continuity and disaster recovery plan if an illness pandemic impacts its critical functions and processes beyond an acceptable level. Verified References:
https://www.ready.gov/business-continuity-planhttps://www.csoonline.com/article/515730/business-continuity-a
NEW QUESTION # 25
Damage assessment includes all but which of the following steps?
- A. Estimate the time it will take to restore critical business functions.
- B. Identifying the affected business functions.
- C. Evaluating the time to restore operations and if greater than the MTD, a disaster should be declared and BCP enacted
- D. Having the insurance company declare the total extent of the damages.
Answer: D
Explanation:
Explanation
Damage assessment is the process of evaluating the extent and severity of the damage caused by a disruption to an organization's facilities, equipment, systems, data, records, or personnel. It includes identifying the affected business functions and processes, estimating the time it will take to restore them to normal or acceptable levels of operation, and evaluating whether the recovery time exceeds the maximum tolerable downtime (MTD) for each function or process. If so, a disaster should be declared and the business continuity plan should be activated. Having the insurance company declare the total extent of the damages is not part of the damage assessment process, as it may take longer than the MTD and may not reflect the operational impact of the damage. Verified References:
https://www.fema.gov/pdf/emergency/nims/Damage_Assessment.pdfhttps://drii.org/resources/professionalpracti
NEW QUESTION # 26
......
Truly Beneficial For Your GAQM Exam: https://www.fast2test.com/CBCP-002-premium-file.html
Download GAQM CBCP-002 Sample Questions: https://drive.google.com/open?id=1PPWvcPYkCYRlnmtmB2eo15g9v7e5JwNX