Which of the following should be of MOST concern to an IS auditor reviewing the BCP?

seenagapeApril 25, 2014

PrepAway - Latest Free Exam Questions & Answers

A.
The disaster levels are based on scopes of damaged functions, but not on duration.

B.
The difference between low-level disaster and software incidents is not clear.

C.
The overall BCP is documented, but detailed recovery steps are not specified.

D.
The responsibility for declaring a disaster is not identified.

Explanation:
If nobody declares the disaster, the response and recovery plan would not be invoked, making all
other concerns mute. Although failure to consider duration could be a problem, it is not as
significant as scope, and neither is as critical as the need to have someone invoke the plan. The
difference between incidents and low-level disasters is always unclear and frequently revolves
around the amount of time required to correct the damage. The lack of detailed steps should be
documented, but their absence does not mean a lack of recovery, if in fact someone has invoked
the plan.

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

ISACA Exam Questions

Free ISACA Study Guide

Which of the following should be of MOST concern to an IS auditor reviewing the BCP?

Leave a Reply Cancel reply