Which would be the BEST course of action for the IS auditor?

An IS auditor noted that an organization had adequate business continuity plans (BCPs) for each individual
process, but no comprehensive BCP. Which would be the BEST course of action for the IS auditor?

An IS auditor noted that an organization had adequate business continuity plans (BCPs) for each individual
process, but no comprehensive BCP. Which would be the BEST course of action for the IS auditor?

A.
Recommend that an additional comprehensive BCP be developed.

B.
Determine whether the BCPs are consistent.

C.
Accept the BCPs as written.

D.
Recommend the creation of a single BCP.

Explanation:
Depending on the complexity of the organization, there could be more than one plan to address various aspects
of business continuity and disaster recovery. These do not necessarily have to be integrated into one single
plan; however, each plan should be consistent with other plans to have a viable business continuity planning
strategy.



Leave a Reply 0

Your email address will not be published. Required fields are marked *