Certified Information Security Manager (CISM) — Question 336

An organization's disaster recovery plan (DRP) is documented and kept at a disaster recovery site. Which of the following is the BEST way to ensure the plan can be carried out in an emergency?

Answer options

• A. Require disaster recovery documentation be stored with all key decision makers
• B. Provide annual disaster recovery training to appropriate staff
• C. Maintain an outsourced contact center in another country
• D. Store disaster recovery documentation in a public cloud

Correct answer: B

Explanation

Providing annual disaster recovery training to appropriate staff ensures that they are familiar with the procedures and can act quickly during an emergency. While storing documentation with decision makers or in the cloud may be useful, without proper training, staff may not know how to implement the plan effectively. An outsourced contact center, although beneficial, does not directly address the execution of the DRP itself.