Certified Information Security Manager (CISM) — Question 390

Which of the following tasks should he performed once a disaster recovery plan (DRP) has been developed?

Answer options

• A. Identify recovery time objectives (RTOs)
• B. Develop the test plan
• C. Analyze the business impact
• D. Define response team roles

Correct answer: B

Explanation

The correct answer is B because developing a test plan is crucial to ensure that the disaster recovery plan can be effectively executed and evaluated. Options A, C, and D are important steps but are typically completed prior to the development of the DRP rather than afterward.