New Year Sale ! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

PECB Exam ISO-22301-Lead-Auditor Topic 2 Question 48 Discussion

Actual exam question for PECB's ISO-22301-Lead-Auditor exam
Question #: 48
Topic #: 2
[All ISO-22301-Lead-Auditor Questions]

When determining the scope of the BCMS, what is true?

Show Suggested Answer Hide Answer
Suggested Answer: C

The scope of the business continuity management system (BCMS) is the statement that defines the boundaries and applicability of the BCMS. It specifies which products, services, processes, locations, and organizational units are covered by the BCMS, as well as any exclusions or limitations. The scope should document and explain any exclusions, which are the products, services, or processes that are not within the scope of the BCMS. Exclusions may be justified for various reasons, such as:

The products, services, or processes are not critical to the organization's operations and objectives.

The products, services, or processes are already covered by other management systems or plans.

The products, services, or processes are outside the organization's control or influence.

The products, services, or processes are not relevant or applicable to the organization's context or needs.

However, the exclusions should not affect the organization's ability to provide products and services that meet the requirements and expectations of its interested parties. The exclusions should also not compromise the conformity of the BCMS with the requirements of ISO 22301, the international standard for business continuity management systems. The scope and the exclusions should be documented in a clear and concise manner, and communicated to all relevant stakeholders. The scope and the exclusions should also be reviewed and updated regularly to reflect the changing circumstances and needs of the organization.Reference:

ISO 22301:2019 - Security and resilience --- Business continuity management systems --- Requirements, Clause 4.3: Determining the scope of the business continuity management system1

ISO 22301 Auditing eBook, Chapter 3: Business Continuity Integration, Section 3.1: Business Continuity Integration Levels2

ISO 22301 Clause 4.3 Determining the Scope of the Business Continuity Management System3


Contribute your Thoughts:

Jenelle
2 months ago
Haha, the scope should cover the entire organization? That's like trying to boil the ocean, right?
upvoted 0 times
Krissy
26 days ago
Haha, yeah, trying to cover the whole organization can be overwhelming!
upvoted 0 times
...
Keshia
1 months ago
C) The scope should document and explain any exclusions.
upvoted 0 times
...
Zona
2 months ago
A) The scope should always cover the whole organization
upvoted 0 times
...
...
Shizue
2 months ago
But doesn't the scope need to document and explain any exclusions as well?
upvoted 0 times
...
Paris
2 months ago
The scope should be flexible enough to accommodate changes in the organization. Option D is clearly wrong.
upvoted 0 times
...
Layla
2 months ago
I agree with Ernest, it's important to have a comprehensive scope to ensure all aspects are covered.
upvoted 0 times
...
Viola
2 months ago
I agree with Sanda. Documenting exclusions is key to defining the BCMS scope properly.
upvoted 0 times
Han
1 months ago
Definitely, it's essential for effective implementation and management.
upvoted 0 times
...
Jarod
1 months ago
I agree, it ensures that everyone understands the boundaries of the BCMS.
upvoted 0 times
...
Susana
1 months ago
Yes, it helps to clearly outline what is included and what is not.
upvoted 0 times
...
Casie
2 months ago
I think documenting exclusions is important for defining the BCMS scope.
upvoted 0 times
...
...
Sanda
3 months ago
Option C is the correct answer. The scope should document and explain any exclusions to ensure transparency.
upvoted 0 times
Micah
2 months ago
C) The scope should document and explain any exclusions.
upvoted 0 times
...
Wenona
2 months ago
B) The scope should always cover the whole organization
upvoted 0 times
...
Anastacia
2 months ago
A) The scope only relates to the internal needs of the organization.
upvoted 0 times
...
...
Ernest
3 months ago
I think the scope should always cover the whole organization.
upvoted 0 times
...

Save Cancel