Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

PECB Exam ISO-22301-Lead-Auditor Topic 2 Question 48 Discussion

Actual exam question for PECB's ISO 22301 Lead Auditor exam
Question #: 48
Topic #: 2
[All ISO 22301 Lead Auditor Questions]

When determining the scope of the BCMS, what is true?

Show Suggested Answer Hide Answer
Suggested Answer: C

The scope of the business continuity management system (BCMS) is the statement that defines the boundaries and applicability of the BCMS. It specifies which products, services, processes, locations, and organizational units are covered by the BCMS, as well as any exclusions or limitations. The scope should document and explain any exclusions, which are the products, services, or processes that are not within the scope of the BCMS. Exclusions may be justified for various reasons, such as:

The products, services, or processes are not critical to the organization's operations and objectives.

The products, services, or processes are already covered by other management systems or plans.

The products, services, or processes are outside the organization's control or influence.

The products, services, or processes are not relevant or applicable to the organization's context or needs.

However, the exclusions should not affect the organization's ability to provide products and services that meet the requirements and expectations of its interested parties. The exclusions should also not compromise the conformity of the BCMS with the requirements of ISO 22301, the international standard for business continuity management systems. The scope and the exclusions should be documented in a clear and concise manner, and communicated to all relevant stakeholders. The scope and the exclusions should also be reviewed and updated regularly to reflect the changing circumstances and needs of the organization.Reference:

ISO 22301:2019 - Security and resilience --- Business continuity management systems --- Requirements, Clause 4.3: Determining the scope of the business continuity management system1

ISO 22301 Auditing eBook, Chapter 3: Business Continuity Integration, Section 3.1: Business Continuity Integration Levels2

ISO 22301 Clause 4.3 Determining the Scope of the Business Continuity Management System3


Contribute your Thoughts:

Jenelle
9 days ago
Haha, the scope should cover the entire organization? That's like trying to boil the ocean, right?
upvoted 0 times
...
Shizue
18 days ago
But doesn't the scope need to document and explain any exclusions as well?
upvoted 0 times
...
Paris
19 days ago
The scope should be flexible enough to accommodate changes in the organization. Option D is clearly wrong.
upvoted 0 times
...
Layla
20 days ago
I agree with Ernest, it's important to have a comprehensive scope to ensure all aspects are covered.
upvoted 0 times
...
Viola
21 days ago
I agree with Sanda. Documenting exclusions is key to defining the BCMS scope properly.
upvoted 0 times
...
Sanda
26 days ago
Option C is the correct answer. The scope should document and explain any exclusions to ensure transparency.
upvoted 0 times
Micah
13 days ago
C) The scope should document and explain any exclusions.
upvoted 0 times
...
Wenona
20 days ago
B) The scope should always cover the whole organization
upvoted 0 times
...
Anastacia
22 days ago
A) The scope only relates to the internal needs of the organization.
upvoted 0 times
...
...
Ernest
1 months ago
I think the scope should always cover the whole organization.
upvoted 0 times
...

Save Cancel