An IS auditor should be involved in:
A. observing tests of the disaster recovery plan.
B. developing the disaster recovery plan.
C. maintaining the disaster recovery plan.
D. reviewing the disaster recovery requirements of supplier
contracts.
- 1 Answers
- 9129 Views
- I also Faced
- E-Mail Answers
Answer Posted / guest
Answer: A
The IS auditor should always be present when disaster
recovery plans are tested, to ensure that the test meets the
required targets for restoration and recovery procedures are
effective and efficient, reporting on the results as
appropriate. IS auditors may be involved in overseeing plan
development, but they are unlikely to be involved in the
actual development process. Similarly, an audit of plan
maintenance may be conducted, but the IS auditor would not
normally have any responsibility for the actual maintenance.
An IS auditor may be asked to comment upon various elements
of a supplier contract but, again, this is not always the case.
| Is This Answer Correct ? | 8 Yes | 0 No |
Post New Answer View All Answers
