Examice

Exam CISA All QuestionsBrowse all questions from this exam

Go to Exam

Question 481

Which of the following should be an IS auditor's GREATEST concern when reviewing a business continuity plan (BCP)?

Some critical business processes are not included in the BCP.

Business unit personnel are not aware of the BCP.

There is no evidence that the BCP has been tested.

An offsite storage location is not documented in the BCP.

Correct Answer: A

When reviewing a business continuity plan (BCP), the GREATEST concern for an IS auditor should be if some critical business processes are not included in the BCP. The primary objective of a BCP is to ensure that an organization can continue to operate critical functions during and after a disruption. If critical processes are not included, the plan basically fails its core purpose. While testing the BCP, awareness among personnel, and having an offsite storage location are important elements, they are secondary to ensuring that all critical business processes are identified and addressed in the plan.

Discussion

cidigi

Who provides the answers on these questions?? Aee from the the Isaca? A lot of them answers are misleadinfy

ziutek_Option: A

Only A

peeluOption: A

A. Some critical business processes are not included in the BCP.

JonnyBGoodOption: C

How do we confirm the correct answer?

SwallowsOption: A

While the absence of evidence that the BCP has been tested (option C) is also a significant concern, ensuring that critical business processes are adequately addressed within the plan is typically the GREATEST concern for an IS auditor. Therefore, it should be the primary focus when reviewing a business continuity plan.