CBCI EXAM QUESTIONS AND ANSWERS
What does the business continuity policy do - Answer -It sets out the purpose, scope
and governance of the business continuity programme
If an organisation doesnt have any business continuity capacity - Answer -Get an
interim structure and plan in place
The BCP should be what - Answer -Short, precise and to the point
Business Continuity should include - Answer -Definition for use.
Objectives and scope
Roles and responsibilities
Legals and standards
Identification of interested parties
Measurement and review frequency and methods
Sign off and comms
The definition of scope should be? - Answer -Which areas of the organisation are
included and which aren't.
A grasp of the organisations strategies, objectives and culture and its risk appetite.
Also list its regulatory constraints
Business continuity governance focuses on - Answer -Oversight and support.
Monitoring and review.
Alignment with organisational objectives
Compliance with legal and regulatory requirements.
Business continuity roles - Answer -Should be embedded in the job descriptions and
performance plans.
Roles - top management - Answer -Leadership, commitment and resources
Roles - steering group - Answer -Oversee, advise and manage - making the
recommendations to top mgt.
Business continuity plan owner - Answer -Make sure the plan reflects the business
continuity capability.
Business Continuity Programme - Answer -Ongoing mgt and governance process
appropriately resourced to implement and maintain business continuity mgt.
Business continuity mgt. programme documentation - Answer -Business Continuity
policy
, Business continuity programme of activities
Project management documentation
Meeting agendas, minutes and action trackers
Skills and competancy
BIA questionnaires
Response structure
Plans
Exercise programmes
Crisis mgt. plans
Outsource contracts
SLA with customers and suppliers
General Principles of Embedding - Answer -Ensure business continuity is a central
p[art of what the organisation does.
Make sure its aligned with the organisational goals and objectives.
Health and saftey and data protection are embedded in similar ways
Process - Answer -Engage the key players
Use existing communication channels to get the message across.
Build a network of champions across the business
Methods & Techniques - Answer -Sector peers having disasters - make it relevant to
the persons short term objectives. Learn lessons from peers.
Get business continuity onto meeting agendas
Schedule exercises for holidays or quieter times
Make sure business continuity is part of supply change mgt.
Competancies & Skills - Embedding - Answer -Anyone with roles and experience
should have the right education, training and experience for their role in the BCMP This
includes key personnel in the supply chain and outrsourced service providers.
Make sure there are alternates.
Competancies & Skills - Incident Response - Answer -Could include:
First aid, ICT, crisis mgt and leadership, damage mgt.
Four types of BIA - Answer -An initial BIA
A product and service BIA
A process BIA
An activity BIA
Business Continuity Requirements are - Answer -The timeframes, resources and
capabilities necessary to continue to deliver the prioritised products, services,
processes and activities following a disruption.
Product and services - Answer -Sometimes referred to as beneficial outcomes by an
organisation to its customers, reciepients or interested parties.
What does the business continuity policy do - Answer -It sets out the purpose, scope
and governance of the business continuity programme
If an organisation doesnt have any business continuity capacity - Answer -Get an
interim structure and plan in place
The BCP should be what - Answer -Short, precise and to the point
Business Continuity should include - Answer -Definition for use.
Objectives and scope
Roles and responsibilities
Legals and standards
Identification of interested parties
Measurement and review frequency and methods
Sign off and comms
The definition of scope should be? - Answer -Which areas of the organisation are
included and which aren't.
A grasp of the organisations strategies, objectives and culture and its risk appetite.
Also list its regulatory constraints
Business continuity governance focuses on - Answer -Oversight and support.
Monitoring and review.
Alignment with organisational objectives
Compliance with legal and regulatory requirements.
Business continuity roles - Answer -Should be embedded in the job descriptions and
performance plans.
Roles - top management - Answer -Leadership, commitment and resources
Roles - steering group - Answer -Oversee, advise and manage - making the
recommendations to top mgt.
Business continuity plan owner - Answer -Make sure the plan reflects the business
continuity capability.
Business Continuity Programme - Answer -Ongoing mgt and governance process
appropriately resourced to implement and maintain business continuity mgt.
Business continuity mgt. programme documentation - Answer -Business Continuity
policy
, Business continuity programme of activities
Project management documentation
Meeting agendas, minutes and action trackers
Skills and competancy
BIA questionnaires
Response structure
Plans
Exercise programmes
Crisis mgt. plans
Outsource contracts
SLA with customers and suppliers
General Principles of Embedding - Answer -Ensure business continuity is a central
p[art of what the organisation does.
Make sure its aligned with the organisational goals and objectives.
Health and saftey and data protection are embedded in similar ways
Process - Answer -Engage the key players
Use existing communication channels to get the message across.
Build a network of champions across the business
Methods & Techniques - Answer -Sector peers having disasters - make it relevant to
the persons short term objectives. Learn lessons from peers.
Get business continuity onto meeting agendas
Schedule exercises for holidays or quieter times
Make sure business continuity is part of supply change mgt.
Competancies & Skills - Embedding - Answer -Anyone with roles and experience
should have the right education, training and experience for their role in the BCMP This
includes key personnel in the supply chain and outrsourced service providers.
Make sure there are alternates.
Competancies & Skills - Incident Response - Answer -Could include:
First aid, ICT, crisis mgt and leadership, damage mgt.
Four types of BIA - Answer -An initial BIA
A product and service BIA
A process BIA
An activity BIA
Business Continuity Requirements are - Answer -The timeframes, resources and
capabilities necessary to continue to deliver the prioritised products, services,
processes and activities following a disruption.
Product and services - Answer -Sometimes referred to as beneficial outcomes by an
organisation to its customers, reciepients or interested parties.
