To identify, analyze, and prioritize business continuity requirements is crucial to initiate the business continuity management (BCM) program. Which of the following should be conducted first?
A. Determining the scope of the BCM program
B. Understanding the organization and its context
C. Understanding the needs and expectations of stakeholders
D. Develop project plans
Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.
My suggested answer is B. Understanding the organization and its context.
Stakeholders are identified after the context is determined and analyzed. Their needs and expectations are solicited, collected, analyzed, and managed as requirements, and become the basis of the scope. Alternatives are then proposed to meet stakeholders’ requirements. A business case evaluates the alternatives, selects one as the solution, and supports a program or project to be sponsored and initiated.
That said, a program or project is initiated with a charter supported by a business case that evaluates alternatives and determines the solution to meet stakeholders’ needs and expectations identified from the organization and its context, typically through internal and external analysis or environment scanning.
The scope of the BCM program is approved, baselined, and documented in the program plan after the program is initiated.
PMI OPM and Project Management
A BLUEPRINT FOR YOUR SUCCESS IN CISSP
My new book, The Effective CISSP: Security and Risk Management, helps CISSP aspirants build a solid conceptual security model. It is not only a tutorial for information security but also a study guide for the CISSP exam and an informative reference for security professionals.