Question 6
Domain 4 — Technology, Security, and Resilience ControlsWhat is the primary purpose of a business impact analysis (BIA)?
Correct answer: B
Explanation
A business impact analysis identifies how disruptions affect essential operations, so it focuses on "the impact of disruptions on critical business processes." It helps an organization determine which processes are most important and what consequences follow if they are interrupted.
Why each option is right or wrong
A. To identify technical vulnerabilities
B. To understand the impact of disruptions on critical business processes
A business impact analysis is the step in continuity planning where an organization identifies its critical processes and evaluates what happens if they are unavailable, including operational, financial, legal, and reputational consequences. In practice, the BIA is used to determine which functions must be restored first and what downtime can be tolerated, so the focus is on assessing disruption effects rather than designing recovery procedures.
C. To eliminate all business risks
D. To increase IT budgets