An IS auditor determines that a business impact analysis (BIA) was not conducted during the development of a business continuity plan (BCP). What is the MOST significant risk that could result from this situation?
A. Responsibilities are not property defined.
B. Recovery time objectives (RTOs) are not correctly determined.
C. Key performance indicators (KPIs) are not aligned.
D. Critical business applications are not covered.
A. Responsibilities are not property defined.
B. Recovery time objectives (RTOs) are not correctly determined.
C. Key performance indicators (KPIs) are not aligned.
D. Critical business applications are not covered.