CBCI GPG GLOSSARY PRACTICE EXAM QUESTIONS
WITH ANSWERS 2025/2026
Maximum acceptable outage (MAO) - The time it would take for adverse impacts, which
might arise as a result of not providing a product/service or performing an activity, to
become unacceptable.
Maximum tolerable period of disruption (MTPD) - The time it would take for adverse
impacts, which might arise as a result of not providing a product/service or performing
an activity, to become unacceptable.
Minimum Business Continuity Objective (MBCO) - The minimum level of services and/or
products that is acceptable to the organization to achieve its business objectives during
a disruption.
Organisation - The person or group of people that has its own functions with
responsibilities, authorities and relationships to achieve its objectives.
Organisational resilience - The ability of an organization to absorb and adapt in a
changing environment.
Organisational culture - The values, attitudes and behaviour of an organization that
contribute to the unique social and psychological environment in which it operates.
Personnel - People working for and under the control of the organization.
Policy - The document that provides the intentions and direction of an organization as
formally expressed by its top management.
Policy and Programme management (PP1) - The Professional Practice that establishes
the organization's stance relating to business continuity and defines how it should be
implemented throughout the business continuity programme.
Prioritised activities - The activities to which priority must be given following an incident
in order to mitigate impacts.
Process - A set of interrelated or interacting activities which transforms inputs into
outputs.
Products and services - Beneficial outcomes provided by an organization to its
customers, recipients and interested parties.
Recovery point objective (RPO) - The point to which information used by an activity
must be restored to enable the activity to operate on resumption.
, Recovery time objective (RTO) - The period of time following an incident within which a
product or service must be resumed, or activity must be resumed, or resources must be
recovered.
Resources - All assets, people, skills, information, technology (including plant and
equipment), premises, and supplies and information (whether electronic or not) that an
organization has to have available to use, when needed, in order to operate and meet
its objective.
Risk - The effect of uncertainty on objectives.
Risk assessment - The overall process of risk identification, risk analysis and risk
evaluation.
Risk management - Coordinated activities to direct and control an organization with
regard to risk.
Test - An exercise whose aim is to obtain an expected, measurable pass/fail outcome.
Threat - A potential cause of an unwanted incident, which can result in harm to
individuals, the environment or the community.
Top management - A person or group of people who directs and controls an
organization at the highest level.
Validation (PP6) - The Professional Practice within the business continuity management
lifecycle that confirms that the business continuity programme meets the objectives set
in the policy and that the plans and procedures in place are effective. It includes
exercising, maintenance and review activities.
Governance Activities - - Providing oversight and support of the business continuity
programme including provision of adequate resources and approval of budget
- Ensuring the business continuity programme aligns with the organisations objectives
- Ensuring the business continuity programme complied with the business continuity
policy and any related legal and regulatory requirements
- Monitoring and reviewing the business continuity programme regularly to ensure the
requirements are being met
- supporting continual improvement
Leadership Commitment - - Recognising and communicating the requirements for
business continuity as a key management discipline when building organisational
resilience
- Ensuring that the business continuity policy and programme is aligned to the
objectives of the organisation
- Ensuring that the business continuity programme delivers its expected outcomes and
meets the requirements stated in the policy
WITH ANSWERS 2025/2026
Maximum acceptable outage (MAO) - The time it would take for adverse impacts, which
might arise as a result of not providing a product/service or performing an activity, to
become unacceptable.
Maximum tolerable period of disruption (MTPD) - The time it would take for adverse
impacts, which might arise as a result of not providing a product/service or performing
an activity, to become unacceptable.
Minimum Business Continuity Objective (MBCO) - The minimum level of services and/or
products that is acceptable to the organization to achieve its business objectives during
a disruption.
Organisation - The person or group of people that has its own functions with
responsibilities, authorities and relationships to achieve its objectives.
Organisational resilience - The ability of an organization to absorb and adapt in a
changing environment.
Organisational culture - The values, attitudes and behaviour of an organization that
contribute to the unique social and psychological environment in which it operates.
Personnel - People working for and under the control of the organization.
Policy - The document that provides the intentions and direction of an organization as
formally expressed by its top management.
Policy and Programme management (PP1) - The Professional Practice that establishes
the organization's stance relating to business continuity and defines how it should be
implemented throughout the business continuity programme.
Prioritised activities - The activities to which priority must be given following an incident
in order to mitigate impacts.
Process - A set of interrelated or interacting activities which transforms inputs into
outputs.
Products and services - Beneficial outcomes provided by an organization to its
customers, recipients and interested parties.
Recovery point objective (RPO) - The point to which information used by an activity
must be restored to enable the activity to operate on resumption.
, Recovery time objective (RTO) - The period of time following an incident within which a
product or service must be resumed, or activity must be resumed, or resources must be
recovered.
Resources - All assets, people, skills, information, technology (including plant and
equipment), premises, and supplies and information (whether electronic or not) that an
organization has to have available to use, when needed, in order to operate and meet
its objective.
Risk - The effect of uncertainty on objectives.
Risk assessment - The overall process of risk identification, risk analysis and risk
evaluation.
Risk management - Coordinated activities to direct and control an organization with
regard to risk.
Test - An exercise whose aim is to obtain an expected, measurable pass/fail outcome.
Threat - A potential cause of an unwanted incident, which can result in harm to
individuals, the environment or the community.
Top management - A person or group of people who directs and controls an
organization at the highest level.
Validation (PP6) - The Professional Practice within the business continuity management
lifecycle that confirms that the business continuity programme meets the objectives set
in the policy and that the plans and procedures in place are effective. It includes
exercising, maintenance and review activities.
Governance Activities - - Providing oversight and support of the business continuity
programme including provision of adequate resources and approval of budget
- Ensuring the business continuity programme aligns with the organisations objectives
- Ensuring the business continuity programme complied with the business continuity
policy and any related legal and regulatory requirements
- Monitoring and reviewing the business continuity programme regularly to ensure the
requirements are being met
- supporting continual improvement
Leadership Commitment - - Recognising and communicating the requirements for
business continuity as a key management discipline when building organisational
resilience
- Ensuring that the business continuity policy and programme is aligned to the
objectives of the organisation
- Ensuring that the business continuity programme delivers its expected outcomes and
meets the requirements stated in the policy
