A company is developing a business continuity plan. Which document identifies critical business functions and their dependencies, including the maximum acceptable downtime?
Trap 1: Disaster Recovery Plan (DRP)
The DRP focuses on restoring IT systems after a disaster, not on identifying critical functions and their downtime tolerances.
Trap 2: Business Continuity Plan (BCP)
The BCP outlines how to keep the business running during a disruption, but the initial analysis is performed in the BIA.
Trap 3: Incident Response Plan (IRP)
The IRP handles immediate response to security incidents, not business continuity analysis.
- A
Disaster Recovery Plan (DRP)
Why wrong: The DRP focuses on restoring IT systems after a disaster, not on identifying critical functions and their downtime tolerances.
- B
Business Continuity Plan (BCP)
Why wrong: The BCP outlines how to keep the business running during a disruption, but the initial analysis is performed in the BIA.
- C
Incident Response Plan (IRP)
Why wrong: The IRP handles immediate response to security incidents, not business continuity analysis.
- D
Business Impact Analysis (BIA)
The BIA identifies critical functions, dependencies, and metrics like MTD, RTO, and RPO.