Certified Information Systems Auditor (CISA) — Question 413

A national bank recently migrated a large number of business-critical applications to the cloud. Which of the following is MOST important to ensuring the resiliency of the applications?

Answer options

• A. Conducting periodic system stress testing
• B. Negotiating a service level agreement (SLA) with the provider
• C. Using a monitoring tool to assess uptime
• D. Creating restore points for critical applications

Correct answer: B

Explanation

Negotiating a service level agreement (SLA) with the provider is essential as it defines the expected levels of service, including uptime and support, which are critical for resiliency. While stress testing, monitoring tools, and restore points are important, they do not directly establish the foundational service commitments that an SLA provides.