CISM Certified Information Security Manager – Question0904

Which of the following is MOST important for an information security manager to verify before conducting full-functional continuity testing?

A.
Risk acceptance by the business has been documented.
B. Incident response and recovery plans are documented in simple language.
C. Teams and individuals responsible for recovery have been identified.
D. Copies of recovery and incident response plans are kept offsite.

Correct Answer: C