Which of the following should be of MOST concern to an IS auditor reviewing the BCP?

When auditing a disaster recovery plan for a critical business area, an IS auditor finds that it does
not cover all the systems. Which of the following is the MOST appropriate action for the IS auditor?

An organization has implemented a disaster recovery plan. Which of the following steps should be
carried out next?

A hot site should be implemented as a recovery strategy when the:

Which of the following is the BEST method for determining the criticality of each application system
in the production environment?

Which of the following provides the BEST evidence of an organization’s disaster recovery readiness?

Which of the following tasks should be performed FIRST when preparing a disaster recovery plan?

The cost of ongoing operations when a disaster recovery plan is in place, compared to not having
a disaster recovery plan, will MOST likely:

A financial institution that processes millions of transactions each day has a central
communications processor (switch) for connecting to automated teller machines (ATMs). Which of
the following would be the BEST contingency plan for the communications processor?

A disaster recovery plan for an organization’s financial system specifies that the recovery point
objective (RPO) is no data loss and the recovery time objective (RTO) is 72 hours. Which of the
following is the MOST cost-effective solution?