• Home
  • Articles
  • [UPDATED 2024] GAQM CBCP-002 Questions Prepare with Free Demo of PDF [Q12-Q37]

[UPDATED 2024] GAQM CBCP-002 Questions Prepare with Free Demo of PDF [Q12-Q37]

Share

[UPDATED 2024] GAQM CBCP-002 Questions Prepare with Free Demo of PDF

NEW 2024 Certification Sample Questions CBCP-002 Dumps & Practice Exam

NEW QUESTION # 12
When should the Business Continuity Planning be reviewed?

  • A. Whenever the legal department declares it is time
  • B. Whenever the company gets audited
  • C. At least annually or whenever significant changes occur
  • D. Whenever encountering a disaster

Answer: C

Explanation:
Explanation
Business continuity planning is not a one-time activity, but a dynamic and ongoing process that needs to be reviewed and updated regularly to reflect changes in the internal and external environment. The frequency of review may vary depending on the nature and size of the organization, but it is generally recommended to conduct a review at least annually or whenever significant changes occur that may affect the continuity of the organization's functions and processes. Such changes may include organizational restructuring, new products or services, new technologies, new regulations, new threats or vulnerabilities, or lessons learned from incidents or exercises. Verified References:
https://www.ready.gov/business-continuity-planhttps://drii.org/resources/professionalpractices/EN


NEW QUESTION # 13
Which register maintains information on all the identified risks relating to an organization?

  • A. Crisis register
  • B. Risk register
  • C. Memory Data Register
  • D. Index register

Answer: B

Explanation:
Explanation
A risk register is a register that maintains information on all the identified risks relating to an organization. A risk register is a document or a tool that records and tracks the details of each risk, such as its description, source, impact, likelihood, rating, owner, status, response strategy, action plan, and monitoring method. A risk register is a useful tool for managing risks and communicating them to stakeholders. Verified References:
https://www.investopedia.com/terms/r/risk-register.asphttps://www.thebci.org/training-qualifications/good-pract


NEW QUESTION # 14
Which system in place enables you to balance risk and entrepreneurial energy with appropriate internal control procedures to manage that risk?

  • A. Corporate Governance
  • B. Banking System
  • C. Quality Management System
  • D. Auditing Report

Answer: A

Explanation:
Explanation
Corporate governance is the system of rules, practices, and processes by which an organization is directed and controlled. It involves balancing the interests of various stakeholders, such as shareholders, management, customers, suppliers, regulators, and the community. It also enables an organization to balance risk and entrepreneurial energy with appropriate internal control procedures to manage that risk. Effective corporate governance can enhance performance, accountability, transparency, and trust. Verified References:
https://www.investopedia.com/terms/c/corporategovernance.asphttps://www.thebci.org/training-qualifications/go


NEW QUESTION # 15
There are several reasons why a company would develop and implement a business continuity plan. Which of the following properly describes the best reason?

  • A. The continuation of a company
  • B. Compliance with regulations
  • C. Properly react to disasters
  • D. To increase liability

Answer: A

Explanation:
Explanation
The primary reason for developing and implementing a business continuity plan is to ensure the continuation of a company's critical functions and processes in the face of a disruption that may otherwise cause severe losses or damage to the company's reputation, assets, customers,or stakeholders. A business continuity plan can help a company to resume operations as quickly as possible after a disruption, minimize the impact on its performance and profitability, protect its brand and image, and fulfill its legal and contractual obligations.
Verified References:
https://www.ready.gov/business-continuity-planhttps://drii.org/resources/professionalpractices/EN


NEW QUESTION # 16
Which type of continuity planning will enhance the functioning relationship with the organization's key suppliers, creating stronger assurances of continuous supply of information, material product and services?

  • A. Bilateral
  • B. Multilateral
  • C. Unilateral

Answer: A

Explanation:
Explanation
Bilateral continuity planning is the type of continuity planning that will enhance the functioning relationship with the organization's key suppliers, creating stronger assurances of continuous supply of information, material product and services. Bilateral continuity planning is the process of developing and maintaining mutual agreements and arrangements between an organization and its key suppliers to ensure the continuity of their respective functions and processes in the event of a disruption. Bilateral continuity planning can help to reduce risks, costs, and dependencies, as well as to improve communication, coordination, and collaboration.
Verified References:
https://www.iso.org/publication/PUB100442.htmlhttps://phoenixnap.com/blog/what-is-business-continuity-mana


NEW QUESTION # 17
Which of the following should NOT be released in a publicly released BCP?

  • A. Process flows
  • B. BIA results
  • C. Contact lists
  • D. All of the above

Answer: D

Explanation:
Explanation
A publicly released BCP is a version of a business continuity plan that is intended for external audiences, such as customers, suppliers, partners, regulators, media, or the public. It should not contain sensitive or confidential information that may compromise the security or privacy of theorganization or its stakeholders.
Therefore, it should not include process flows that detail how each function or process is performed; contact lists that reveal personal or organizational information; BIA results that show criticality ratings or recovery time objectives; or any other information that may expose vulnerabilities or risks. Verified References:
https://www.ready.gov/business-continuity-planhttps://drii.org/resources/professionalpractices/EN


NEW QUESTION # 18
What is the frequency of BCP testing for critical processes?

  • A. Quarterly
  • B. Annually
  • C. As per calendar planned at beginning of the year
  • D. Half-yearly

Answer: D

Explanation:
Explanation
BCP testing is the process of verifying the effectiveness of a business continuity plan and ensuring that it meets the business objectives and requirements. BCP testing should be conducted regularly to identify any gaps or weaknesses in the plan and to update it accordingly1. While the number of tests to be conducted depends on the industry background, size and complexity, available resources, and BCP maturity levels, it is recommended that the tests are conducted twice a year for critical processes but at least minimum once a year1.


NEW QUESTION # 19
A disaster can also be declared for an illness pandemic where a significant portion of employees are sick.

  • A. True
  • B. False

Answer: A

Explanation:
Explanation
A disaster can also be declared for an illness pandemic where a significant portion of employees are sick. This is true because an illness pandemic is a type of natural disaster that can affect an organization's ability to continue its normal operations. An illness pandemic can cause absenteeism, reduced productivity, increased costs, supply chain disruptions, customer dissatisfaction, or regulatory compliance issues. Therefore, an organization may need to declare a disaster and activate its business continuity and disaster recovery plan if an illness pandemic impacts its critical functions and processes beyond an acceptable level. Verified References:
https://www.ready.gov/business-continuity-planhttps://www.csoonline.com/article/515730/business-continuity-a


NEW QUESTION # 20
Which of the following can threats be considered? (Choose three)

  • A. Supply chain failure
  • B. Water
  • C. Technology failure
  • D. Fire
  • E. Operational failure

Answer: B,C,D

Explanation:
Explanation
Threats can be considered any events or situations that can cause harm or disruption to an organization's functions or processes. Threats can be natural, human-made, or technological in origin. Some examples of threats are water (such as floods, leaks, or spills), technology failure (such as system crashes, cyberattacks, or power outages), and fire (such as arson, accidents, or explosions). Verified References:
https://www.iso.org/publication/PUB100442.htmlhttps://phoenixnap.com/blog/what-is-business-continuity-mana


NEW QUESTION # 21
BIA stands for

  • A. Business Improvement Activities
  • B. Business Impact Analysis
  • C. Business Information Availability
  • D. Business Importance and Availability

Answer: B

Explanation:
Explanation
Business impact analysis (BIA) is the process of identifying and prioritizing the organization's functions and processes based on their importance to the organization's objectives, and assessing the potential impacts of a disruption to those functions and processes over time. The BIA helps to determine the recovery time objectives (RTOs), recovery point objectives (RPOs), and resource requirements for each function and process, as well as the interdependencies and dependencies among them. The BIA provides the basis for developing recovery strategies and plans. Verified References:
https://www.ready.gov/business-impact-analysishttps://drii.org/resources/professionalpractices/EN


NEW QUESTION # 22
Which of the following four are action approach crisis and post-crisis management? (Choose four R's)

  • A. Response
  • B. Recovery
  • C. Reduction
  • D. Readiness
  • E. Rss Feed
  • F. Rustic

Answer: A,B,C,D

Explanation:
Explanation
The four R's are action approaches for crisis and post-crisis management. They are:
Reduction: This approach aims to prevent or mitigate the occurrence or impact of a crisis by identifying and addressing the root causes, vulnerabilities, and risks.
Readiness: This approach aims to prepare for a potential crisis by developing plans, policies, procedures, systems, teams, and resources that can enable a timely and effective response.
Response: This approach aims to manage a crisis by activating the plans, policies, procedures, systems, teams, and resources that can contain, control, and resolve the situation.
Recovery: This approach aims to restore normal operations after a crisis by implementing actions that can repair damages, restore functions and processes, resume services and products, recover losses, and learn lessons. Verified References:
https://www.cisco.com/c/en/us/solutions/hybrid-work/what-is-business-continuity.html
https://phoenixnap.com/blog/what-is-business-continuity-management


NEW QUESTION # 23
BIA helps you identify

  • A. Tangible and intangible impact of a disruption over period of time
  • B. Critical services and products
  • C. All of the above
  • D. Critical interdependencies and interested parties

Answer: C

Explanation:
Explanation
BIA helps to identify all of the above aspects of an organization's functions and processes. It helps to identify the critical services and products that the organization delivers to its customers and stakeholders, and the functions and processes that support them. It also helps to identify the critical interdependencies and interested parties that are involved in or affected by the organization's functions and processes, such as suppliers, partners, regulators, or employees. Moreover, it helps to identify the tangible and intangible impacts of a disruption tothe organization's functions and processes over a period of time, such as financial losses, reputational damage, legal liabilities, or customer dissatisfaction. Verified References:
https://www.ready.gov/business-impact-analysishttps://drii.org/resources/professionalpractices/EN


NEW QUESTION # 24
Which phase of the project is the time to maximize on the employees' new awareness and management support?

  • A. Structure
  • B. Timelines
  • C. Milestones
  • D. Benchmark

Answer: C

Explanation:
Explanation
Milestones are important events in a project that mark the completion of a major deliverable or the achievement of a key goal. They are a good time to check in with employees and management to see how they are feeling about the project, and to get their feedback on how things are going. This is also a good time to reinforce the importance of the project and to get everyone re-committed to its success.
The other three options are not as good times to maximize on the employees' new awareness and management support. Timelines are important, but they are not as important as milestones in terms of getting people's attention. Benchmarks are useful for tracking progress, but they are not as good for getting people's buy-in.
Structure is important for organizing a project, but it is not as important as milestones for motivating people.
So, the answer to the question is that the milestones phase of the project is the time to maximize on the employees' new awareness and management support.
Here are some specific things that you can do at the milestones phase to maximize on employee awareness and management support:
Hold a team meeting to celebrate the milestone and to discuss the next steps.
Send out a communication to all employees and managers, highlighting the milestone and thanking everyone for their hard work.
Meet with management to discuss the project's progress and to get their feedback.
Use the milestone as an opportunity to reinforce the importance of the project and to get everyone re-committed to its success.


NEW QUESTION # 25
Which control mechanism is the process by which an organization reduces the likelihood of a risk event occurring or mitigates the effects should it occur?

  • A. Risk collision
  • B. Risk control
  • C. Risk variation
  • D. Risk avoidance

Answer: B

Explanation:
Explanation
Risk control is the control mechanism that is the process by which an organization reduces the likelihood of a risk event occurring or mitigates the effects should it occur. Risk control is the process of implementing measures or actions to modify or influence the risk level of an organization. Risk control can involve various strategies, such as avoidance, reduction, transfer, sharing, retention, or acceptance. Risk control can help to improve the organization's resilience and performance. Verified References:
https://www.investopedia.com/terms/r/risk-control.asphttps://www.thebci.org/training-qualifications/good-practi


NEW QUESTION # 26
In the event of a disaster, notification shall be given to each employee by either the HR Department Manager or through the firm's emergency notice system.

  • A. True
  • B. False

Answer: A

Explanation:
Explanation
In the event of a disaster, notification shall be given to each employee by either the HR Department Manager or through the firm's emergency notice system. This is true because communication is a vital component of any disaster recovery and business continuity plan. Employees need to be informed of the situation, their roles and responsibilities, and the actions they need to take to ensure their safety and the continuity of the business.
The HR Department Manager or the emergency notice system are the designated channels for communicating with employees during a disaster. Verified References:
https://www.ready.gov/business-continuity-planhttps://www.csoonline.com/article/515730/business-continuity-a


NEW QUESTION # 27
Which risk group is associated with risk of physical assets failing/being damaged or enhanced?

  • A. Operational
  • B. Financial
  • C. Technical
  • D. Strategic

Answer: C

Explanation:
Explanation
Technical risk is the type of risk that is associated with risk of physical assets failing/being damaged or enhanced. Technical risk is the uncertainty or variability of the performance or reliability of physical assets, such as equipment, systems, infrastructure, or data. Technical risk can result from factors such as design flaws, manufacturing defects, maintenance issues, obsolescence, human error, natural disasters, or cyberattacks.
Technical risk can affect an organization's operational efficiency, quality, safety, security, or profitability.
Verified References:
https://www.investopedia.com/terms/t/technical-risk.asphttps://www.thebci.org/training-qualifications/good-prac


NEW QUESTION # 28
......

CBCP-002 Deluxe Study Guide with Online Test Engine: https://actualtest.updatedumps.com/GAQM/CBCP-002-updated-exam-dumps.html

Related Articles

more
GAQM CBCP-002 Certification Practice Exam