Pass CBCI Exam Guide

In CBCI 7.0’s structure, unacceptable risks and single-point dependencies are typically discovered through analysis outputs (BIA and risk assessment) and are then treated through Solutions Design by selecting strategies and solutions that reduce vulnerability and enable recovery. To identify practical mitigations, the BC professional must work with the people who own the work and the resources—because they understand how activities are performed, where the true bottlenecks are, what constraints exist (skills, technology, suppliers, premises), and what changes are feasible without introducing new risks.

Activity and resource owners are also the stakeholders who will usually operate, maintain, and fund the controls or continuity solutions once agreed (e.g., alternate suppliers, resilience measures, cross-training, technology recovery design). Collaboration here ensures solutions are realistic, implementable, and aligned to operational needs.

Top management (B) approves priorities and budgets, but does not usually design detailed mitigations. Response team leaders (C) focus on incident-time execution, and communications managers (D) focus on messaging—both are important, but neither replaces the operational insight of owners when treating single points of failure. Therefore A is correct.

Personnel embracing Business Continuity fosters a culture that supports the design and implementation of a BCMS tailored to the organization’s unique culture, risks, and operational realities. The CBCI 7.0 course underscores that when personnel actively engage with continuity practices, the BCMS reflects actual organizational needs, leading to practical, accepted, and effective continuity programs. Commitment does not reduce the necessity for regular updates or validation; instead, it enhances the quality and relevance of those processes. While public confidence may improve indirectly, the key outcome is the fit-for-purpose nature of the BCMS driven by engaged personnel.

Strategic plans set the overarching framework and objectives for Business Continuity and are often supported by separate tactical or crisis communication plans tailored to communication needs during disruptions. The CBCI 7.0 course clarifies that while strategic plans guide overall responses, detailed emergency procedures and logistics coordination typically reside in operational or tactical plans, ensuring clarity and focus at different planning levels.

The CBCI 7.0 course states that conducting the risk assessment after the BIA allows the organization to prioritize risk treatments effectively by focusing on the critical activities identified during the BIA. The BIA highlights which business functions are most important and the impact of their disruption, enabling the risk assessment to concentrate on threats that could affect these priority areas. This sequencing ensures that resources and mitigation efforts are directed toward protecting the most significant risks impacting continuity objectives. Resource availability is not the primary reason, and risk assessments are integral to ongoing BCMS maintenance rather than conditional on business plan updates or solution development.