Certified Information Security Manager (CISM) — Question 763

Which of the following is the BEST way to rigorously test a disaster recovery plan (DRP) for a mission-critical system without disrupting business operations?

Answer options

• A. Parallel testing
• B. Simulation testing
• C. Checklist review
• D. Structured walk-through

Correct answer: A

Explanation

Parallel testing is the best approach as it allows the DRP to be tested in real-time alongside ongoing operations, ensuring minimal impact on business activities. Simulation testing, checklist reviews, and structured walk-throughs do not provide the same level of rigorous evaluation as they either do not involve real systems or can disrupt normal operations.