CISA Certified Information Systems Auditor – Question2098

Before a failover test of a critical business application is performed, it is MOST important for the information security manager to:

A.
obtain a signed risk acceptation from the recovery team
B. obtain senior management’s approval
C. inform the users that the test is taking place
D. verify that the information assets have been classified properly

Correct Answer: B