
パスできるCBCP-002試験最速合格保証2023問題集!
CBCP-002問題集完全版問題で試験学習ガイド
質問 # 10
There are several reasons why a company would develop and implement a business continuity plan. Which of the following properly describes the best reason?
- A. Compliance with regulations
- B. The continuation of a company
- C. To increase liability
- D. Properly react to disasters
正解:B
解説:
Explanation
The primary reason for developing and implementing a business continuity plan is to ensure the continuation of a company's critical functions and processes in the face of a disruption that may otherwise cause severe losses or damage to the company's reputation, assets, customers,or stakeholders. A business continuity plan can help a company to resume operations as quickly as possible after a disruption, minimize the impact on its performance and profitability, protect its brand and image, and fulfill its legal and contractual obligations.
Verified References:
https://www.ready.gov/business-continuity-planhttps://drii.org/resources/professionalpractices/EN
質問 # 11
Which system in place enables you to balance risk and entrepreneurial energy with appropriate internal control procedures to manage that risk?
- A. Quality Management System
- B. Auditing Report
- C. Banking System
- D. Corporate Governance
正解:D
解説:
Explanation
Corporate governance is the system of rules, practices, and processes by which an organization is directed and controlled. It involves balancing the interests of various stakeholders, such as shareholders, management, customers, suppliers, regulators, and the community. It also enables an organization to balance risk and entrepreneurial energy with appropriate internal control procedures to manage that risk. Effective corporate governance can enhance performance, accountability, transparency, and trust. Verified References:
https://www.investopedia.com/terms/c/corporategovernance.asphttps://www.thebci.org/training-qualifications/go
質問 # 12
Risk ownership must be clearly set out, documented and agreed with the individual owners at all levels of the operational risk management process.
- A. False
- B. True
正解:B
解説:
Explanation
Risk ownership must be clearly set out, documented and agreed with the individual owners at all levels of the operational risk management process. This is true because risk ownership is oneof the key principles of business continuity management. Risk ownership means that each risk has a designated person who is responsible and accountable for its identification, assessment, treatment, monitoring, and reporting. Risk owners should have the authority and resources to manage their risks effectively and efficiently. Verified References:
https://www.iso.org/publication/PUB100442.htmlhttps://www.thebci.org/training-qualifications/good-practice-g
質問 # 13
Which phase of the project is the time to maximize on the employees' new awareness and management support?
- A. Benchmark
- B. Milestones
- C. Timelines
- D. Structure
正解:B
解説:
Explanation
Milestones are important events in a project that mark the completion of a major deliverable or the achievement of a key goal. They are a good time to check in with employees and management to see how they are feeling about the project, and to get their feedback on how things are going. This is also a good time to reinforce the importance of the project and to get everyone re-committed to its success.
The other three options are not as good times to maximize on the employees' new awareness and management support. Timelines are important, but they are not as important as milestones in terms of getting people's attention. Benchmarks are useful for tracking progress, but they are not as good for getting people's buy-in.
Structure is important for organizing a project, but it is not as important as milestones for motivating people.
So, the answer to the question is that the milestones phase of the project is the time to maximize on the employees' new awareness and management support.
Here are some specific things that you can do at the milestones phase to maximize on employee awareness and management support:
Hold a team meeting to celebrate the milestone and to discuss the next steps.
Send out a communication to all employees and managers, highlighting the milestone and thanking everyone for their hard work.
Meet with management to discuss the project's progress and to get their feedback.
Use the milestone as an opportunity to reinforce the importance of the project and to get everyone re-committed to its success.
質問 # 14
Which type of risks result from business decisions that are influenced by changes in markets, liquidity changes and credit risks?
- A. Technical
- B. Operational
- C. Strategic
- D. Financial
正解:D
解説:
Explanation
Financial risks are the risks that result from business decisions that are influenced by changes in markets, liquidity, and credit. Financial risks are the uncertainties or variabilities of the financial performance or position of an organization due to factors such as interest rates, exchange rates, inflation, credit ratings, debt levels, or cash flows. Financial risks can affect an organization's profitability, solvency, liquidity, or valuation.
Verified References:
https://www.investopedia.com/terms/f/financialrisk.asphttps://www.thebci.org/training-qualifications/good-pract
質問 # 15
BIA stands for
- A. Business Importance and Availability
- B. Business Impact Analysis
- C. Business Improvement Activities
- D. Business Information Availability
正解:B
解説:
Explanation
Business impact analysis (BIA) is the process of identifying and prioritizing the organization's functions and processes based on their importance to the organization's objectives, and assessing the potential impacts of a disruption to those functions and processes over time. The BIA helps to determine the recovery time objectives (RTOs), recovery point objectives (RPOs), and resource requirements for each function and process, as well as the interdependencies and dependencies among them. The BIA provides the basis for developing recovery strategies and plans. Verified References:
https://www.ready.gov/business-impact-analysishttps://drii.org/resources/professionalpractices/EN
質問 # 16
Individual accountability for the management of the risk should be clearly established.
- A. False
- B. True
正解:B
解説:
Explanation
Individual accountability for the management of the risk should be clearly established. This is true because accountability is one of the key principles of business continuity management. Accountability means that each person involved in the business continuity management program has a clear understanding of their roles and responsibilities, as well as the authorityand resources to perform them. Accountability also means that each person is held responsible for their actions and outcomes, and that they report on their performance and progress regularly. Verified References:
https://www.iso.org/publication/PUB100442.htmlhttps://phoenixnap.com/blog/what-is-business-continuity-mana
質問 # 17
Which of the following four are action approach crisis and post-crisis management? (Choose four R's)
- A. Rustic
- B. Rss Feed
- C. Readiness
- D. Reduction
- E. Response
- F. Recovery
正解:C、D、E、F
解説:
Explanation
The four R's are action approaches for crisis and post-crisis management. They are:
Reduction: This approach aims to prevent or mitigate the occurrence or impact of a crisis by identifying and addressing the root causes, vulnerabilities, and risks.
Readiness: This approach aims to prepare for a potential crisis by developing plans, policies, procedures, systems, teams, and resources that can enable a timely and effective response.
Response: This approach aims to manage a crisis by activating the plans, policies, procedures, systems, teams, and resources that can contain, control, and resolve the situation.
Recovery: This approach aims to restore normal operations after a crisis by implementing actions that can repair damages, restore functions and processes, resume services and products, recover losses, and learn lessons. Verified References:
https://www.cisco.com/c/en/us/solutions/hybrid-work/what-is-business-continuity.html
https://phoenixnap.com/blog/what-is-business-continuity-management
質問 # 18
Which control mechanism is the process by which an organization reduces the likelihood of a risk event occurring or mitigates the effects should it occur?
- A. Risk avoidance
- B. Risk collision
- C. Risk variation
- D. Risk control
正解:D
解説:
Explanation
Risk control is the control mechanism that is the process by which an organization reduces the likelihood of a risk event occurring or mitigates the effects should it occur. Risk control is the process of implementing measures or actions to modify or influence the risk level of an organization. Risk control can involve various strategies, such as avoidance, reduction, transfer, sharing, retention, or acceptance. Risk control can help to improve the organization's resilience and performance. Verified References:
https://www.investopedia.com/terms/r/risk-control.asphttps://www.thebci.org/training-qualifications/good-practi
質問 # 19
Which type of continuity planning will enhance the functioning relationship with the organization's key suppliers, creating stronger assurances of continuous supply of information, material product and services?
- A. Unilateral
- B. Bilateral
- C. Multilateral
正解:B
解説:
Explanation
Bilateral continuity planning is the type of continuity planning that will enhance the functioning relationship with the organization's key suppliers, creating stronger assurances of continuous supply of information, material product and services. Bilateral continuity planning is the process of developing and maintaining mutual agreements and arrangements between an organization and its key suppliers to ensure the continuity of their respective functions and processes in the event of a disruption. Bilateral continuity planning can help to reduce risks, costs, and dependencies, as well as to improve communication, coordination, and collaboration.
Verified References:
https://www.iso.org/publication/PUB100442.htmlhttps://phoenixnap.com/blog/what-is-business-continuity-mana
質問 # 20
In the event of a disaster that destroys the physical office site operations will be relocated to a temporary site.
- A. False
- B. True
正解:B
解説:
Explanation
In the event of a disaster that destroys the physical office site operations will be relocated to a temporary site.
This is true because one of the recovery strategies for a disaster is to have an alternate site where the critical functions and processes can be resumed until the primary site is restored or replaced. The alternate site can be a pre-arranged location, such as a rented office space, a hotel, or another branch of the same organization, or a mobile facility, such as a trailer or a container. The alternate site should have the necessary equipment, systems, data, and resources to support the continuity of the business. Verified References:
https://www.ready.gov/business-continuity-planhttps://www.csoonline.com/article/515730/business-continuity-a
質問 # 21
Which type of risk is related to human error or achievement?
- A. Technical
- B. Strategic
- C. Commercial
- D. Operational
正解:D
解説:
Explanation
Operational risk is the type of risk that is related to human error or achievement. Operational risk is the uncertainty or variability of the execution or outcome of an organization's functions or processes. Operational risk can result from factors such as inadequate policies, procedures, systems, controls, skills, training, supervision, or compliance. Operational risk can affect an organization's operational efficiency, quality, safety, security, reputation, or profitability. Verified References:
https://www.investopedia.com/terms/o/operational_risk.asphttps://www.thebci.org/training-qualifications/good-p
質問 # 22
A disaster lasting longer than seventy-two (72) hours requires implementation of which of the following:
- A. Short Term Business Continuity Plan
- B. Business Continuity and Disaster Recovery Plan
正解:B
解説:
Explanation
A disaster lasting longer than seventy-two (72) hours requires implementation of a business continuity and disaster recovery plan. A business continuity and disaster recovery plan is a comprehensive document that outlines how an organization will respond to and recover from a disaster that disrupts its normal operations. It covers both the IT aspects (disaster recovery) and the business aspects (business continuity) of restoring the critical functions and processes within an acceptable time frame. A disaster lasting longer than seventy-two (72) hours is likely to have significant impacts on the organization's performance, reputation, assets, and stakeholders, and therefore requires a coordinated and structured approach to ensure its survival and resilience.
Verified References:
https://www.ready.gov/business-continuity-planhttps://www.csoonline.com/article/515730/business-continuity-a
質問 # 23
Which of the following should NOT be released in a publicly released BCP?
- A. Process flows
- B. Contact lists
- C. All of the above
- D. BIA results
正解:C
解説:
Explanation
A publicly released BCP is a version of a business continuity plan that is intended for external audiences, such as customers, suppliers, partners, regulators, media, or the public. It should not contain sensitive or confidential information that may compromise the security or privacy of theorganization or its stakeholders.
Therefore, it should not include process flows that detail how each function or process is performed; contact lists that reveal personal or organizational information; BIA results that show criticality ratings or recovery time objectives; or any other information that may expose vulnerabilities or risks. Verified References:
https://www.ready.gov/business-continuity-planhttps://drii.org/resources/professionalpractices/EN
質問 # 24
Which statement is authorized at an appropriate level and should codify the company's attitude to a particular risk?
- A. Process Document
- B. QMS Document
- C. Privacy Statement
- D. Policy Statement
正解:D
解説:
Explanation
A policy statement is a statement that is authorized at an appropriate level and should codify the company's attitude to a particular risk. A policy statement is a document that defines the scope, objectives, principles, roles, and responsibilities of a business continuity management program. It should also express the organization's commitment to managing risks and ensuring continuity of its critical functions and processes. A policy statement should be approved by senior management and communicated to all relevant stakeholders.
Verified References:
https://www.iso.org/publication/PUB100442.htmlhttps://phoenixnap.com/blog/what-is-business-continuity-mana
質問 # 25
Which type of management is an often used term, but has so many different connotations to different people that invariably the message of its meaning gets confused?
- A. Technical
- B. Functional
- C. Operational
- D. Strategic
正解:D
解説:
Explanation
Strategic management is the type of management that is an often used term, but has so many different connotations to different people that invariably the message of its meaning gets confused. Strategic management is the process of defining and executing the long-term vision, goals, plans, and actions of an organization. Strategic management involves analyzing the internal and external environment, formulating strategies, implementing them, and evaluating their outcomes. Strategic management can be complex and challenging, as it requires alignment and integration of various aspects of the organization, such as culture, structure, resources, capabilities, stakeholders, markets, competitors, or regulations. Verified References:
https://www.investopedia.com/terms/s/strategic-management.asp
https://phoenixnap.com/blog/what-is-business-continuity-management
質問 # 26
......
CBCP-002試験は、自然災害、サイバー攻撃、パンデミックなどの不利な事象に直面しても、重要なビジネスオペレーションの継続を保証する責任がある専門家に適しています。この認定は、ビジネス継続管理またはリスク管理、緊急事態管理、または災害復旧などの関連分野で2年以上の経験がある個人を対象としています。CBCP-002試験は、ビジネス継続管理の知識とスキルを向上させ、潜在的な雇用主に自分の専門知識を示すことを望む専門家にも適しています。
GAQM: Management無料認定試験資料は42問:https://jp.fast2test.com/CBCP-002-premium-file.html