Which metric should a company focus on to determine the maximum amount of data loss it can tolerate?

• A. Recovery Time Objective (RTO)
• B. Recovery Point Objective (RPO)
• C. Maximum Acceptable Outage (MAO)
• D. Business Continuity Plan (BCP)

Answer: (B)

Focusing on Recovery Point Objective (RPO) is crucial for a company to determine the maximum acceptable amount of data loss in the event of a disruption. RPO specifies the age of the data that must be recovered following a disruption, essentially defining the last point in time at which data must be intact to ensure business continuity. For instance, if a company has an RPO of one hour, it means that in the event of a failure, the organization can only tolerate losing data that was created or updated in the last hour.

This metric is critical for determining backup frequency and strategies for data management. It helps ensure that any interruptions in service will not result in significant data loss that could impede business operations or lead to substantial financial loss.

The other options, while important for overall disaster recovery planning, do not directly address the specific question of acceptable data loss tolerance. Recovery Time Objective (RTO) focuses on how quickly services must be restored after an outage, Maximum Acceptable Outage (MAO) relates to the duration an organization can tolerate downtime, and Business Continuity Plan (BCP) encompasses a comprehensive approach to maintaining essential functions but does not specifically quantify data loss tolerance.