Certified Information Systems Auditor (CISA) — Question 240

Which of the following is MOST important to define within a disaster recovery plan (DRP)?

Answer options

• A. Roles and responsibilities for recovery team members
• B. Test results for backup data restoration
• C. A comprehensive list of disaster recovery scenarios and priorities
• D. Business continuity plan (BCP)

Correct answer: C

Explanation

The correct answer is C because having a detailed list of disaster recovery scenarios and priorities ensures that the organization can respond effectively during a crisis. Options A, B, and D are important, but they do not encompass the overarching framework needed to prioritize and manage various disaster situations.