DRI International BCP Examination Questions
and Answers| 2026/27 Updated
Business Continuity
An ongoing process to ensure that the necessary steps are taken to identify the
impact of potential losses and maintain viable recovery strategies, recovery plans,
and continuity of services. (NFPA 1600)
Disaster Recovery
The technical aspect of business continuity. The collection of resources and
activities to re-establish information technology services (including components
such as infrastructure, telecommunications, systems,
applications and data) at an alternate site following a disruption of IT services.
Disaster recovery includes subsequent resumption and restoration of those
operations at a more permanent site. (DRJ)
Risk Assessment
The quantification of threats to an organization and the probability of them being
realized. (BCI)
Business Impact Analysis
A method of identifying the effects of failing to perform a function or requirement.
(FCD-1)
, Recovery Time Objective
Time goal for the restoration and recovery of functions or resources based on the
acceptable down time and acceptable level of performance in case of a disruption
of operations. (ASIS)
Recovery Point Objective
Point to which information used by an activity must be restored to enable the
activity to operate on resumption. ISO Editor's Note: Can also be referred to as
"maximum data loss". (ISO 22301)
Crisis Management
The overall coordination of an organization's response to a crisis, in an effective,
timely manner, with the goal of avoiding or minimizing damage to the
organization's profitability, reputation, and ability to operate. (DRJ)
Incident Management
The process by which an organization responds to and controls an incident using
emergency response procedures or plans. (DRJ)
Incident Response
The response of an organization to a disaster or other significant event that may
significantly impact the organization, its people, or its ability to function
productively. An incident response may include evacuation of a facility, initiating
a disaster recovery plan, performing damage assessment, and any other
measures necessary to bring an organization to a more stable status.
(DRJ)
and Answers| 2026/27 Updated
Business Continuity
An ongoing process to ensure that the necessary steps are taken to identify the
impact of potential losses and maintain viable recovery strategies, recovery plans,
and continuity of services. (NFPA 1600)
Disaster Recovery
The technical aspect of business continuity. The collection of resources and
activities to re-establish information technology services (including components
such as infrastructure, telecommunications, systems,
applications and data) at an alternate site following a disruption of IT services.
Disaster recovery includes subsequent resumption and restoration of those
operations at a more permanent site. (DRJ)
Risk Assessment
The quantification of threats to an organization and the probability of them being
realized. (BCI)
Business Impact Analysis
A method of identifying the effects of failing to perform a function or requirement.
(FCD-1)
, Recovery Time Objective
Time goal for the restoration and recovery of functions or resources based on the
acceptable down time and acceptable level of performance in case of a disruption
of operations. (ASIS)
Recovery Point Objective
Point to which information used by an activity must be restored to enable the
activity to operate on resumption. ISO Editor's Note: Can also be referred to as
"maximum data loss". (ISO 22301)
Crisis Management
The overall coordination of an organization's response to a crisis, in an effective,
timely manner, with the goal of avoiding or minimizing damage to the
organization's profitability, reputation, and ability to operate. (DRJ)
Incident Management
The process by which an organization responds to and controls an incident using
emergency response procedures or plans. (DRJ)
Incident Response
The response of an organization to a disaster or other significant event that may
significantly impact the organization, its people, or its ability to function
productively. An incident response may include evacuation of a facility, initiating
a disaster recovery plan, performing damage assessment, and any other
measures necessary to bring an organization to a more stable status.
(DRJ)
