Certified Information Systems Auditor (CISA) — Question 70

An organization has developed processes to recover critical files in the event of a ransomware attack. Which type of control do these processes represent?

Answer options

• A. Corrective
• B. Detective
• C. Preventive
• D. Compensating

Correct answer: A

Explanation

The correct answer is A, as corrective controls are designed to restore systems and data after an incident has occurred. The other options do not apply here: detective controls identify incidents but do not fix them, preventive controls aim to stop incidents before they happen, and compensating controls provide an alternative to primary controls but do not specifically deal with recovery processes.