Helping Hand Questions for ISO-22301-Lead-Implementer

Page: 2 / 5

Question 8

What is the purpose of plan review exercise methods?

Options:

Enable teams to practice working together and making decisions under more stressful time frames.

Familiarize participants with new or updated content.

Prepare participants for disruptions that impact the entire organization.

Question 9

Scenario:

Fundon is a financial services company certified against ISO 22301. As part of their BCMS, the company has established an exercise program. Due to an unexpected situation, the exercise coordinator of Fundon decided to suspend the exercise, which was planned to be conducted next week.

Is this acceptable?

Options:

Yes, the exercise coordinator may suspend or stop an exercise if an unexpected situation, such as a real incident, occurs.

No, the decision of stopping or suspending an exercise should be made only by the top management of the organization.

No, ISO 22301 requires organizations to always perform exercise programs if they were planned.

Question 10

What is the purpose of an audit follow-up?

Options:

To confirm the conformity and effectiveness of the management system.

To evaluate the actions taken to correct the detected nonconformities during the audit.

To review internal audit results and management review results.

Question 11

Scenario:

Clicked is a law firm that handles complex clients' needs and offers a wide range of legal and tax services. Clicked’s professionals are equipped with an in-depth knowledge of the legal and regulatory requirements. They are committed to providing their clients with the best services and legal advice. Considering that it is essential to meet their clients' needs, Clicked decided to implement a BCMS based on ISO 22301 to provide them uninterrupted services.

To implement the BCMS, the top management of Clicked decided to contract an external consultant, Tris, as the BCMS project manager, and assembled a team of four members to aid in the process. Prioritizing a smoother integration of the BCMS, the top management focused on incorporating it into the company's existing operational procedures. Additionally, the top management and the project team chose to adopt the Plan-Do-Check-Act (PDCA) model as their implementation approach, allowing for a systematic and phased approach to establishing andmaintaining the BCMS.

Then, the top management and Tris compiled a document containing the financial benefits and consequences of every decision they were going to make during the implementation of the BCMS. The top management also agreed that the project implementation should be finalized within a six-month timeframe, encompassing planning through the completion of the last implementation stage.

The project team initiated the implementation process by analyzing the company's internal and external context. This involved evaluating Clicked’s compliance with all applicable legal requirements and understanding the key services, necessary activities, and resource allocation, including staff expertise and technological tools. Based on this analysis, the top management and Tris established specific business continuity objectives. Their primary goal was to ensure that all critical legal services could be resumed within a two-hour timeframe following any disruptive incident to minimize client impact.

As stated in Scenario 2, the top management and Tris compiled a document containing the financial benefits and consequences of each decision. What type of document did they develop in this case?