Isaca Certified in Risk and Information Systems Control CRISC Question # 11 Topic 2 Discussion
CRISC Exam Topic 2 Question 11 Discussion:
Question #: 11
Topic #: 2
All business units within an organization have the same risk response plan for creating local disaster recovery plans. In an effort to achieve cost effectiveness, the BEST course of action would be to:
A.
select a provider to standardize the disaster recovery plans.
B.
outsource disaster recovery to an external provider.
C.
centralize the risk response function at the enterprise level.
D.
evaluate opportunities to combine disaster recovery plans.
Disaster recovery plans are essential for ensuring the continuity and resilience of business operations in the event of a disruption or disaster. However, creating and maintaining separatedisaster recovery plans for each business unit may not be cost-effective or efficient, as it may result in duplication, inconsistency, or gaps in the plans. Therefore, the best course of action would be to evaluate opportunities to combine disaster recovery plans across the business units, where possible and appropriate. This would help to achieve economies of scale, standardization, and alignment of the plans, as well as reduce complexity and costs. However, this does not mean that all disaster recovery plans should be identical or centralized, as different business units may have different risk profiles, recovery objectives, and requirements. Therefore, the combined disaster recovery plans should still be tailored and customized to suit the specific needs and characteristics of each business unit. References = ISACA CRISC Review Manual, 7th Edition, Chapter 2, Section 2.3.2, page 71.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit