CISA Certified Information Systems Auditor – Question1747

After a full operational contingency test, an IS auditor performs a review of the recovery steps. The auditor concludes that the time it took for the technological environment and systems to return to full-functioning exceeded the required critical recovery time.
Which of the following should the auditor recommend?

A.
Perform an integral review of the recovery tasks.
B. Broaden the processing capacity to gain recovery time.
C. Make improvements in the facility's circulation structure.
D. increase the amount of human resources involved in the recovery.

Correct Answer: A

Explanation:

Explanation:
Performing an exhaustive review of the recovery tasks would be appropriate to identify the way these tasks were performed, identify the time allocated to each of the steps required to accomplish recovery, and determine where adjustments can be made.
Choices B, C and D could be actions after the described review has been completed.