While reviewing the business continuity plan of an organization, an IS auditor observed that the organization’s
data and software files are backed up on a periodic basis. Which characteristic of an effective plan does this
demonstrate?
A.
Deterrence
B.
Mitigation
C.
Recovery
D.
Response
Explanation:
An effective business continuity plan includes steps to mitigate the effects of a disaster. Files must be restored
on a timely basis for a backup plan to be effective. An example of deterrence is when a plan includes
installation of firewalls for information systems. An example of recovery is when a plan includes an
organization’s hot site to restore normal business operations.