Are you studying for the CISA certification?
Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
Which of these should be of highest Concern, for an IT auditor, assessing a business continuity plan?
The difference between low-level disaster and software incidents is not readily apparent.
The responsibility for declaring a disaster is not identified.
The overall BCP is documented, but detailed recovery steps are not provided.
The disaster levels are based on scopes of damaged functions, but not on duration.
If nobody declares the disaster, the response and recovery plan would not be invoked, making all other concerns moot. Although failure to consider duration could be a problem, it is not as significant as scope, and neither is as critical as the need to have someone invoke the plan. The difference between incidents and low-level disasters is always unclear and frequently revolves around the amount of time required to correct the damage. The lack of detailed steps should be documented, but their absence does not mean a lack of recovery, if in fact someone has invoked the plan.
Study thousands of practice questions that organized by skills and ranked by difficulty.
Create a tailored training plan based on the knowledge you already possess.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.