Certified Information Systems Auditor (CISA) — Question 194

Which of the following approaches will ensure recovery time objectives (RTOs) are met for an organization's disaster recovery plan (DRP)?

Answer options

• A. Performing a full interruption test
• B. Performing a parallel test
• C. Performing a tabletop test
• D. Performing a cyber-resilience test

Correct answer: A

Explanation

Performing a full interruption test is the only approach that fully simulates a real disaster, allowing the organization to assess the effectiveness of its disaster recovery plan and ensure that RTOs are met. In contrast, parallel tests and tabletop tests do not interrupt operations or provide a complete operational simulation, which may not adequately validate RTOs. A cyber-resilience test focuses on cybersecurity aspects rather than recovery time objectives.