CISA Certified Information Systems Auditor – Question0113

An IS auditor is evaluating the security of an organization’s data backup process, which includes the transmission of daily incremental backups to a dedicated offsite server. Which of the following findings poses the GREATEST risk to the organization?

A.
Backup transmissions are not encrypted
B. Backup transmissions occasionally fail
C. Data recovery testing is conducted once per year
D. The archived data log is incomplete

Correct Answer: A