CISA Certified Information Systems Auditor – Question1695 - CISA Certified Information Systems Auditor

An organization's disaster recovery plan should address early recovery of:

A. all information systems processes.
B. all financial processing applications.
C. only those applications designated by the IS manager.
D. processing in priority order, as defined by business management.

Correct Answer: D

Explanation:

Explanation:
Business management should know which systems are critical and when they need to process well in advance of a disaster. It is management’s responsibility to develop and maintain the plan. Adequate time will not be available for this determination once the disaster occurs. IS and the information processing facility are service organizations that exist for the purpose of assisting the general user management in successfully performing their jobs.