medium · Frm Part 2 Operational Risk
A global investment bank defines its recovery time objective (RTO) for a critical payment-clearing process as 4 hours. During a cyber stress testing exercise involving a destructive malware scenario, the technical team identifies that while data can be restored from the last immutable backup within 3 hours, the subsequent integrity validation of the database requires an additional 2 hours.
Which of the following statements best describes the resilience posture of this process?
- The process is non-resilient because the recovery time exceeds the impact tolerance.
- The process is resilient because the data restoration component meets the RTO threshold.
- The process is resilient because RPO logic ensures no data is lost during the 5-hour window.
- The process is non-resilient because the recovery point objective has been breached by the validation delay.
Sign up free to see the explanation and track your rank →
More Frm Part 2 Operational Risk practice
- Which of the following describes the 'One Big Loss' principle for heavy-tailed (subexponen
- Under the current Basel Standardized Measurement Approach (SMA) for operational risk, whic
- Which of the following is NOT one of them?
- What is the marginal coefficient for the portion of the BI that exceeds 30 billion euros?
- According to standard regulatory definitions (such as SR 11-7), which three components are
- A material change to a model is most likely to be triggered by which event?
- How long is the historical window required for calculating the average annual operational
- In the Bow-Tie analysis framework, where do 'Preventive Controls' sit relative to the oper