A contingency plan should address?

A.
Potential risks

B.
Residual risks

C.
Identified risks

D.
All of the above

Explanation:
This is true, as stated in CISSP documentation, you should address any possible
“Residual Risk” at your contingency plan to minimize business impact when you are in a downtime
situation. The identified Risks and the Potential Risks are not identified there, they are identified
earlier.