A Chief Information Office (CIO) is working with his staff to develop a contingency plan for the organization. Which of the following steps should the CIO and his
staff to take FIRST?
A.
Review the company’s risk assessment
B.
Perform a business impact analysis
C.
Create contingency strategies
D.
Develop the contingency plan policy statement
Isn’t “Develop the contingency planning policy statement” the right answer?
It is often used for risk management when an exceptional risk that, though unlikely, would have catastrophic consequences.