The BEST way for an IS auditor to determine whether an organization's disaster recovery plan (DRP) is current is option D: Verify the DRP is periodically tested.
While all of the options mentioned are important aspects of assessing the effectiveness and currency of a disaster recovery plan (DRP), periodic testing is crucial.
A. Reviewing critical system documentation and related recovery time objectives (RTOs) is essential, but it doesn't guarantee that the DRP is current. The documentation may be accurate, but it might not have been tested or updated recently.
B. Verifying that the DRP identifies appropriate staff with up-to-date contact details is important for communication during a disaster, but it alone doesn't ensure the effectiveness of the entire plan.
C. Ensuring that all staff is trained on business continuity is vital for the execution of the DRP, but it doesn't directly address the currency of the plan itself.
Therefore, option D is the best way for an IS auditor to determine whether an organization's DRP is current and capable of serving its intended purpose.
This section is not available anymore. Please use the main Exam Page.CISA Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
SuperMax
9 months, 4 weeks agogomboragchaa
1 year, 7 months ago