Which of the following findings should be of MOST concern to an IS auditor reviewing an organization's business continuity plan (BCP)?
A. An application inventory is not included.
B. A resource optimization plan is not included.
C. A business feasibility study was not performed.
D. A business impact analysis (NA) was not performed.
A. An application inventory is not included.
B. A resource optimization plan is not included.
C. A business feasibility study was not performed.
D. A business impact analysis (NA) was not performed.