Explanation should include the following:

Because all threats cannot be completely eliminated, organizations must address responses to threats and plans for continuous business operations.