When preparing a business continuity plan, who of the following is responsible for identifying and prioritizing
time-critical systems?
A.
Executive management staff
B.
Senior business unit management
C.
BCP committee
D.
Functional business units
Explanation:
Senior management is ultimately responsible for all phases of the plan, and who should be most concerned
about the protection of its assets. They must sign off on all policy issues, and they will be held liable for overall
success or failure of a security solution.
Incorrect Answers:
A: If possible the BCP plan should by endorsed by the Executive management staff, but the Executive
management staff is not responsible for identifying and prioritizing time-critical systems.
C: The BCP committee does not identify and prioritize systems. The BCP committee oversees, initiates, plans,
approves, tests and audits the BCP. It also implements the BCP, coordinates activities, approve the BIA survey.
The BCP committee also oversees the creation of continuity plans and reviews the results of quality assurance
activities
D: Functional business units are a part of the BCP committee. Functional business units are not responsible for
identifying and prioritizing time-critical system.Stewart, James M., Ed Tittel, and Mike Chapple, CISSP: Certified Information Systems Security Professional
Study Guide, 5th Edition, Sybex, Indianapolis, 2011, p. 55