When evaluating the ability of a disaster recovery plan to enable the recovery of IT processing capabilities, it is MOST important for the IS auditor to verify the plan is:

A. stored at an offsite location
B. communicated to department heads
C. regularly reviewed
D. periodically tested