Multiple Choice
During an information security audit, an auditor discovers that the current disaster recovery plan was developed three years ago but never tested. There have been significant changes to information systems since the plan was developed. The auditor should:
A) Ask management to test the recovery plan immediately.
B) Recommend that management and users update and test the recovery plan.
C) Update the recovery plan for management as part of the review.
D) Review the recovery plan and report weaknesses to management.
Correct Answer:
Verified
Correct Answer:
Verified
Q150: When internal auditors provide consulting services, the
Q151: The most effective procedure to verify compliance
Q152: An internal auditor for a large telecommunications
Q153: According to IIA guidance, which of the
Q154: Which of the following is the primary
Q156: During the audit of a large decentralized
Q157: Which of the following actions has the
Q158: An internal auditor is conducting a financial
Q159: Which of the following potential performance measures
Q160: An organization contracted a third party to