O'Reilly logo

CISA® Certified Information Systems Auditor®: Study Guide, Third Edition by David Cannon

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Understanding the Auditor Interests in BC/DR Plans

Let’s summarize with the points of interest that an IS auditor should look for. We have discussed the basic objectives to be fulfilled by management. It is the auditor’s job to determine how well those objectives have been served. The auditor can use the following points for evaluation:

  • Compare the results of the business impact and risk analysis to the various strategies selected for each activity in the overall process timeline. Do the BIA research and work flow based risk assessment support management’s strategy?
  • Time delays are an absolute killer of business continuity plans. Has the client done a good job of documenting the RTOs? Are the recovery time objectives well founded and realistic? ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required