CISM Certified Information Security Manager – Question1412

Which of the following disaster recovery testing techniques is the MOST cost-effective way to determine the effectiveness of the plan?

A.
Preparedness tests
B. Paper tests
C. Full operational tests
D. Actual service disruption

Correct Answer: A

Explanation:

Explanation:
Preparedness tests would involve simulation of the entire test in phases and help the team better understand and prepare for the actual test scenario. Options B, C and D are not cost-effective ways to establish plan effectiveness. Paper tests in a walk-through do not include simulation and so there is less learning and it is difficult to obtain evidence that the team has understood the test plan. Option D is not recommended in most cases. Option C would require an approval from management is not easy or practical to test in most scenarios and may itself trigger a disaster.