Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
During an assessment of the disaster recovery (DR) strategy an IT auditor identifies a recent change with the recovery point objective (RPO) for a mission-critical system. What is the highest risk associated with this change?
The existing DR plan is not adjusted to achieve the new RPO.
The plan has not been validated against the new RPO.
The DR team lacks training on the new RPO.
Backups are not done frequently enough to achieve the new RPO.
The RPO is defined in the glossary of the CISA Review Manual as âthe earliest point in time to which it is acceptable to recover the data.â If backups are not performed frequently enough to meet the new RPO, a risk is created that the company will not have adequate backup data in the event of a disaster. This is the most significant risk because, without data, all other DR considerations are not useful. If the plan is not updated to reflect the new strategic goals of recovery time objective (RTO) and RPO, then the plan may not achieve those new goals. This is a less significant problem than not having the appropriate data available. The lack of training on the new DR strategy, as well as the lack of testing of the revised plan, both create risk in the team's ability to execute the plan; but, again, this risk is not as significant as not having data available due to the frequency of backups.
Train with Skillset and pass your certification exam. Faster. Guaranteed.
Study thousands of practice questions that organized by skills and ranked by difficulty.
Create a tailored training plan based on the knowledge you already possess.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.