Certified Information Systems Auditor (CISA) — Question 410
Which of the following is MOST important to include within a business continuity plan (BCP) so that backup and replication is configured in a way that ensures data availability?
Answer options
- A. Recovery time objective (RTO)
- B. Resource management plan
- C. Disaster recovery location site
- D. Recovery point objective (RPO)
Correct answer: D
Explanation
The Recovery Point Objective (RPO) is vital as it defines the maximum acceptable amount of data loss measured in time, guiding backup frequency and replication strategies to ensure data availability. While the Recovery Time Objective (RTO) focuses on the time to recover after a disruption, and the other options are important, they do not directly address the data loss aspect as RPO does.