Interested to Buy Any Domain ? << Click Here >> for more details...
An IS auditor reviewing an organization's IS disaster
recovery plan should verify that it is:
A. tested every 6 months.
B. regularly reviewed and updated.
C. approved by the chief executive officer (CEO).
D. communicated to every departmental head in the organization.
- 2 Answers
- 10828 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: B
The plan should be reviewed at appropriate intervals,
depending upon the nature of the business and the rate of
change of systems and personnel, otherwise it may become out
of date and may no longer be effective. The plan must be
subjected to regular testing, but the period between tests
will again depend on the nature of the organization and the
relative importance of IS. Three months or even annually may
be appropriate in different circumstances. Although the
disaster recovery plan should receive the approval of senior
management, it need not be the CEO if another executive
officer is equally, or more appropriate. For a purely
IS-related plan, the executive responsible for technology
may have approved the plan. Similarly, although a business
continuity plan is likely to be circulated throughout an
organization, the IS disaster recovery plan will usually be
a technical document and only relevant to IS and
communications staff.
| Is This Answer Correct ? | 7 Yes | 0 No |
Answer / vineet aggarwal
In my opinion the answer should be
C. approved by the chief executive officer (CEO).coz it is
top most important that the BCP / DRP is supported by the
top management. Of course, the NEXT best is its regular
review and testing
| Is This Answer Correct ? | 2 Yes | 1 No |
Which of the following types of transmission media provide the BEST security against unauthorized access? A. Copper wire B. Twisted pair C. Fiber-optic cables D. Coaxial cables
In an online transaction processing system, data integrity is maintained by ensuring that a transaction is either completed in its entirety or not at all. This principle of data integrity is known as: A. isolation. B. consistency. C. atomicity. D. durability.
An IS auditor is assigned to help design the data security aspects of an application under development. Which of the following provides the MOST reasonable assurance that corporate assets are protected when the application is certified for production? A. A review conducted by the internal auditor B. A review conducted by the assigned IS auditor C. Specifications by the user on the depth and content of the review D. An independent review conducted by another equally experienced IS auditor
An IS auditor reviewing an organization's IT strategic plan should FIRST review: A. the existing IT environment. B. the business plan. C. the present IT budget. D. current technology trends.
Naming conventions for system resources are important for access control because they: A. ensure that resource names are not ambiguous. B. reduce the number of rules required to adequately protect resources. C. ensure that user access to resources is clearly and uniquely identified. D. ensure that internationally recognized names are used to protect resources.
The MOST significant level of effort for business continuity planning (BCP) generally is required during the: A. testing stage. B. evaluation stage. C. maintenance stage. D. early stages of planning.
A disaster recovery plan (DRP) for an organization should: A. reduce the length of the recovery time and the cost of recovery. B. increase the length of the recovery time and the cost of recovery. C. reduce the duration of the recovery time and increase the cost of recovery. D. not affect the recovery time nor the cost of recovery.
The feature of a digital signature that ensures the sender cannot later deny generating and sending the message is: A. data integrity. B. authentication. C. nonrepudiation. D. replay protection.
Which of the following reports is a measure of telecommunication transmissions and determines whether transmissions are completed accurately? A. Online monitor reports B. Downtime reports C. Help desk reports D. Response time reports
An IS auditor evaluating data integrity in a transaction driven system environment should review atomicity, to determine whether: A. the database survives failures (hardware or software). B. each transaction is separated from other transactions. C. integrity conditions are maintained. D. a transaction is completed or not, or a database is updated or not.
To prevent unauthorized entry to the data maintained in a dial-up fast response system, an IS auditor should recommend: A. online terminals be placed in restricted areas. B. online terminals be equipped with key locks. C. ID cards be required to gain access to online terminals. D. online access be terminated after three unsuccessful attempts.
To review access to ceratin data base to determine whether the "new user" forms were correctly authorized. This is an example of:
Cisco Certifications 
