The Recovery Time Objective (RTO) is the maximum acceptable length of time that a system can be down after a failure or disaster. Determining the RTO involves assessing the cost of downtime and its impact on business operations to ensure that recovery strategies are cost-effective and aligned with business needs.
[Reference:ISACA CRISC Review Manual, 7th Edition, Chapter 3: Risk Response and Reporting, Section: Business Continuity and Disaster Recovery., , , , , ]
Submit