Certified Internal Auditor (CIA) Part 3: Business Knowledge for Internal Auditing — Question 53
According to IIA guidance on IT, which of the following best describes a situation where data backup plans exist to ensure that critical data can be restored at some point in the future, but recovery and restore processes have not been defined?
Answer options
- A. Hot recovery plan.
- B. Warm recovery plan.
- C. Cold recovery plan.
- D. Absence of recovery plan.
Correct answer: C
Explanation
The correct answer is C, as a Cold recovery plan indicates that data backups are available, but there are no established procedures for recovery and restoration. In contrast, a Hot recovery plan suggests immediate recovery capabilities, and a Warm recovery plan implies some restoration processes are in place, making them not suitable for the described scenario. The Absence of recovery plan would mean no backup exists at all, which contradicts the premise of having backup plans.