Which is not a step in the BCDR continual process?

The continual process of Business Continuity and Disaster Recovery (BCDR) consists of several key steps that work together to ensure an organization can withstand and recover from disruptions. Auditing, while important in a broader organizational context, is not typically recognized as a distinct step in the BCDR process.

The essential steps in the BCDR process include defining the scope, analyzing potential impacts, and assessing risks associated with various threats. Defining the scope establishes the boundaries of the BCDR plan, ensuring that all relevant areas are considered. Analyzing involves examining potential disruptions and how they would affect operations. Assessing risk entails identifying vulnerabilities and the likelihood of various disruptive events occurring.

Including auditing within the BCDR continual process might imply reviewing or evaluating existing policies and procedures, but it is not a direct step in developing or implementing a BCDR strategy. Thus, the identification of it as the choice that does not fit with the core steps of BCDR highlights a misunderstanding of the process's focus on proactive risk management and recovery planning.