At which stage of the BCDR plan creation phase should security be included in discussions?
At which stage of the BCDR plan creation phase should security be included in discussions?
Security should be included in discussions from the very first phase when defining the scope of the BCDR plan. This ensures that security considerations are integrated from the beginning, helping to avoid additional costs and potential gaps in the plan that could arise if security were to be considered only later in the process.
I will go for A: Fist stage is the Scope, and as usual we should include security from the beginning
D is correct
I think it is (D) … Gathering requirement is the first phase should be
I would say that A is the correct answer. You first need to see if BCDR is in the scope and what type is needed depending on the business requirements, and only after that you start to gather the requirements
why not D ?
Security should be included in discussions during the assess risk stage of the BCDR plan creation phase. This is because at this stage, the organization is identifying and analyzing potential risks to the organization and its assets, and determining how those risks should be mitigated. Therefore, the correct answer is C. Assess risk.
Answer is A.
Security considerations should be integrated right from the beginning of the BCDR planning process. During the requirements gathering phase, stakeholders—including security teams—identify the controls, compliance needs, and protective measures necessary for the organization's critical systems and data. Addressing security at this stage ensures that the subsequent analysis, risk assessment, and planning phases are built upon a foundation that properly reflects security requirements, rather than treating security as an afterthought.