Certified Information Security Manager (CISM) — Question 119
An organization has decided to outsource its disaster recovery function. Which of the following is the MOST important consideration when drafting the service level agreement (SLA)?
Answer options
- A. Testing requirements
- B. Authorization chain
- C. Recovery time objectives (RTOs)
- D. Recovery point objectives (RPOs)
Correct answer: C
Explanation
The correct answer is C, as Recovery Time Objectives (RTOs) define the maximum acceptable time for restoring services after a disaster, which is critical for business continuity. While testing requirements and recovery point objectives (RPOs) are important, they do not directly address the urgency of service restoration like RTOs do.