Exam CISM topic 1 question 325 discussion

Actual exam question from Isaca's CISM
Question #: 325
Topic #: 1

Which of the following is MOST important for an information security manager to verify before conducting full-functional continuity testing?

  • A. Incident response and recovery plans are documented in simple language
  • B. Copies of recovery and incident response plans are kept offsite
  • C. Teams and individuals responsible for recovery have been identified
  • D. Risk acceptance by the business has been documented.
Suggested Answer: C

Comments

Broesweelies
Highly Voted 1 year, 11 months ago
Selected Answer: C
While having documented risk acceptance by the business is important, it is more critical for the information security manager to verify that the teams and individuals responsible for recovery have been identified. This is because in the event of a disaster or interruption, the focus should be on restoring normal operations as quickly as possible, and having identified and trained teams and individuals in place will aid in this process. If the responsible individuals are not known, this can result in delays and confusion during the recovery process.
upvoted 13 times
...
aokisan
Highly Voted 2 years, 1 month ago
Selected Answer: D
Before test, risk should be accepted.
upvoted 9 times
...
Marcelus1714
Most Recent 10 months ago
Selected Answer: C
C seems the right one in this context
upvoted 1 times
...
oluchecpoint
11 months, 3 weeks ago
Selected Answer: D
D. Risk acceptance by the business has been documented.
upvoted 1 times
...
jcisco123
1 year, 1 month ago
Selected Answer: C
Even if risk acceptance has been documented, without the right teams and individuals identified and prepared to execute recovery plans, the testing process may not be effective or successful. We need to select the option which is 'Most' important.
upvoted 2 times
...
oluchecpoint
1 year, 4 months ago
C. Teams and individuals responsible for recovery have been identified. Before conducting continuity testing, it's critical to ensure that the teams and individuals responsible for the recovery process have been identified and are ready to execute their roles effectively. Without clearly defined and designated responsible parties, continuity testing may not yield meaningful results, and the organization's ability to respond to incidents and recover from disasters could be compromised. While the other options (A, B, and D) are also important considerations in information security and business continuity planning, ensuring that the right people and teams are in place for recovery is foundational to the success of continuity testing and overall security preparedness.
upvoted 1 times
...
Hugo1717
1 year, 5 months ago
Selected Answer: C
The correct answer is C. Teams and individuals responsible for recovery have been identified. Explanation: Among the options provided, verifying that teams and individuals responsible for recovery have been identified is the most important factor for an information security manager to ensure before conducting full-functional continuity testing. Here's why this option is the most important: C. Teams and individuals responsible for recovery have been identified: In continuity testing, it's crucial to know who will be responsible for executing recovery plans and actions when a disaster or disruption occurs. Identifying and confirming the availability and readiness of these teams and individuals ensures that the testing process can be effectively coordinated and executed.
upvoted 1 times
...
Diekky
1 year, 6 months ago
If all other conditions are met and the business does not accept the risk, then nothing can be done; therefore risk acceptance by the business is more suitable.
upvoted 1 times
...
richck102
1 year, 7 months ago
C. Teams and individuals responsible for recovery have been identified
upvoted 2 times
...
Abhey
1 year, 8 months ago
Selected Answer: C
Before conducting full-functional continuity testing, the most important thing for an information security manager to verify is that teams and individuals responsible for recovery have been identified. This is because these teams and individuals are the ones who will be responsible for executing the recovery plans during the continuity testing. Without identifying the appropriate teams and individuals, it will be difficult to assess the organization's ability to recover from a disaster or disruption.
upvoted 1 times
...
dark_3k03r
1 year, 9 months ago
Selected Answer: C
The driving factor for continuity testing should be to keep the business running. With this in mind, the only correct answer is (C) as it is the only one that addresses uptime. Rationale: (A) IR in simple language is great but does nothing to address keeping the business running. Cause without the proper people it's not going anywhere. (B) Keeping the copies offsite doesn't help when you need them right now. (D) Risk acceptance is important, but you need someone to carry out those orders. Thus why (C) is the correct answer.
upvoted 3 times
...
Ziggybooboo
2 years, 2 months ago
I would go with C
upvoted 3 times
...