An IS auditor is reviewing results from the testing of an organization’s disaster recovery plan (DRP). Which of the following findings should be of GREATEST concern?
A.
The testing was done after implementing a business application.
B.
The backups at the DR site are not encrypted.
C.
The testing was done during critical business hours.
This is a typical BAD and irresponsible question of ISACA CISA, "C" refers a bad timing for testing and "could" influence the business severely. While the "D", "unreadable" may mean either "recovery is failed" or "the privilege is temporary missing ". The correct answer should depend on the exact situation of "C" and "D". In an other word, the answer depends on what the question auditor's thought , which is very very irresponsible. If we see "unreadable" means "the test is failed" and "D"'s influence is not very significantly recognized , I would choose D, not C.
Testing a disaster recovery plan during critical business hours introduces a significant risk of disrupting normal business operations. The purpose of disaster recovery testing is to ensure that the plan is effective in a real-world scenario without causing harm to the ongoing business activities. Testing during critical hours can impact service availability, customer satisfaction, and overall business continuity.
upvoted 2 times
...
This section is not available anymore. Please use the main Exam Page.CISA Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
hermfrancis
9 months, 3 weeks ago3008
1 year, 1 month agoFAGFUR
1 year, 2 months ago