Isaca Certified Information Systems Auditor CISA Question # 415 Topic 42 Discussion
CISA Exam Topic 42 Question 415 Discussion:
Question #: 415
Topic #: 42
An organization has moved all of its infrastructure to the cloud. Which of the following would be an IS auditor’s GREATEST concern related to the organization’s ability to continue operations in case of a disaster?
A.
There is no evidence that disaster recovery plan (DRP) testing was performed after the migration.
B.
Only business-critical servers were configured with redundancy services on the cloud service provider.
C.
The previous infrastructure was not retained to support business operations in case of a disaster.
D.
The step-by-step recovery process was not updated in the disaster recovery plan (DRP) after the migration.
After migrating infrastructure to the cloud, it's imperative to test the disaster recovery plan (DRP) to ensure its effectiveness in the new environment. Without evidence of DRP testing post-migration, the organization cannot be certain that it can recover and continue operations during a disaster. While updating the DRP and configuring redundancy are essential steps, their effectiveness can only be validated through rigorous testing. Retaining previous infrastructure is less relevant if the cloud environment is properly configured and tested for disaster recovery.
[References:, ISACA CISA Review Manual, 28th Edition, Chapter 4: Information Systems Operations and Business Resilience., ]
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit