Certified Information Systems Security Professional (CISSP) Practice Exam

Prepare for the Certified Information Systems Security Professional Exam. Utilize flashcards and multiple-choice questions, complete with hints and explanations. Ace your exam!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!


Which standard is part of the ISO 27000 series and focuses on business continuity?

  1. ISO 22301

  2. ISO/IEC 27031

  3. ISO 9001

  4. ISO 31000

The correct answer is: ISO/IEC 27031

The correct choice centers on ISO/IEC 27031, which specifically addresses the aspects of information and communication technology (ICT) resilience and is part of the ISO 27000 series that emphasizes maintaining business continuity in the face of disruptions. ISO/IEC 27031 outlines guidelines for the availability of information and provides a framework for organizations to develop their ICT capabilities to support business continuity. This standard is crucial for ensuring that businesses can adequately respond to and recover from various disruptions, thereby maintaining their operational effectiveness.

ISO 22301, while it is a standard focused on business continuity management, is not part of the ISO 27000 series. Instead, it belongs to the ISO 22300 family, which deals with societal security and business continuity. ISO 9001 pertains to quality management systems and is not directly related to business continuity. ISO 31000 addresses risk management principles and guidelines but does not specifically focus on business continuity in the way that the selected standard does.

In summary, ISO/IEC 27031’s focus on ICT resilience makes it the standard within the ISO 27000 series that specifically targets the requirements and practices for sustaining business continuity.