CISA Certified Information Systems Auditor – Question0864

Which of the following activities should occur after a business impact analysis (BIA)?

A.
Identify threats to the IT environment
B. Identify critical applications
C. Analyze recovery options
D. Review the computing and user environment

Correct Answer: C