CISA Certified Information Systems Auditor – Question0690

Which of the following is MOST important to consider when reviewing a third-party service agreement for disaster recovery services?

A.
Recovery point objectives (RPOs) and recovery time objectives (RTOs) are included in the agreement.
B. The lowest price possible is obtained for the service rendered.
C. Security and regulatory requirements are addressed in the agreement.
D. Provisions exist to retain ownership of intellectual property in the event of termination.

Correct Answer: C