Effective CISSP Questions

Your organization initiated a program to implement the business continuity management system (BCMS) based on ISO 22301. Which of the following should be conducted first to implement the program? (Wentz QOTD)
A. Return on investment analysis
B. Cost-benefit analysis
C. SWOT analysis
D. Business impact analysis

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is C. SWOT analysis.

Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams and an informative reference for security professionals.

my justification is under development.


您的組織啟動了一項計畫(program)以實施基於 ISO 22301 的業務連續性管理系統(BCMS)。為了實施該計,應首先執行以下哪一項? (Wentz QOTD)
A. 投資回報分析
B. 成本效益分析
C. SWOT 分析
D. 業務衝擊分析

Leave a Reply