CISA Exam Dumps | The MOST important function of a business continuity plan (BCP) is to.

<< Prev Question Next Question >>

Question 174/346

The MOST important function of a business continuity plan (BCP) is to.

A. provide procedures for evaluating tests of the BCP

B. ensure that all business functions are restored

C. provide a schedule of events that has to occur if there is a disaster

D. ensure that the critical business functions can be recovered

Question List (346q): Question 1: An IS auditor concludes that an organization has a quality s...; Question 2: An IS auditor begins an assignment and identifies audit comp...; Question 3: Which of the following findings should be of GREATEST concer...; Question 4: Which of the following would BEST enable an IS auditor to pe...; Question 5: Which of the following applications has the MOST inherent ri...; Question 6: What is the MOST critical finding when reviewing an organiza...; Question 7: Which of the following is an example of a corrective control...; Question 8: Which type of control is in place when an organization requi...; Question 9: As part of a follow-up of a previous year's audit, an IS aud...; Question 10: Which of the following observations should be of GREATEST co...; Question 11: Which of the following approaches would BEST ensure that dat...; Question 12: An organization's business function wants to capture custome...; Question 13: The MOST important reason why an IT risk assessment should b...; Question 14: An IS auditor finds that the process for removing access for...; Question 15: Which of the following would provide the BEST evidence for u...; Question 16: An organization has replaced all of the storage devices at i...; Question 17: Several unattended laptops containing sensitive customer dat...; Question 18: Which of the following is MOST important to ensure when revi...; Question 19: Which of the following is the GREATEST risk associated with ...; Question 20: An IS auditor reviewing a checkpoint/restart procedure shoul...; Question 21: Which of the following would be an IS auditor's GREATEST con...; Question 22: Compared to developing a system in-house, acquiring a softwa...; Question 23: Which of the following is MOST important to verify when impl...; Question 24: During which phase of a system development project should ke...; Question 25: Which of the following is the MOST reliable way for an IS au...; Question 26: Which of the following encryption methods offers the BEST wi...; Question 27: Which of the following controls is BEST implemented through ...; Question 28: When reviewing a project to replace multiple manual data ent...; Question 29: An organization has recently implemented a Voice-over IP (Vo...; Question 30: An IS auditor discovers an option in a database that allows ...; Question 31: Which of the following approaches would utilize data analyti...; Question 32: An IS auditor is using data analytics in an audit and has ob...; Question 33: Which of the following analytical methods would be MOST usef...; Question 34: Which of the following is MOST likely to be detected by an I...; Question 35: Which of the following development practices would BEST miti...; Question 36: During an audit, which of the following would be MOST helpfu...; Question 37: An organization is experiencing a large number of phishing a...; Question 38: Which of the following is the MOST important benefit of invo...; Question 39: Which type of control has been established when an organizat...; Question 40: While reviewing an organization s business continuity plan (...; Question 41: Which of the following control testing approaches is BEST us...; Question 42: Following the discovery of inaccuracies in a data warehouse,...; Question 43: An evaluation of an IT department finds that some IT goals d...; Question 44: The BEST way to preserve data integrity through all phases o...; Question 45: Segregation of duties would be compromised if:...; Question 46: During an exit interview senior management disagrees with so...; Question 47: When conducting a requirements analysis for a project the BE...; Question 48: What is the BEST justification for allocating more funds to ...; Question 49: Which of the following is the MOST reliable network connecti...; Question 50: Which of the following provides the MOST comprehensive under...; Question 51: A sales representative is reviewing the organization's feedb...; Question 52: Which of the following is MOST important to include in foren...; Question 53: Which of the following findings should be of GREATEST concer...; Question 54: When removing a financial application system from production...; Question 55: Management has asked internal audit to prioritize and perfor...; Question 56: In a virtualized environment, which of the following techniq...; Question 57: The PRIMARY role of a control self-assessment (CSA) facilita...; Question 58: Which of the following is the BEST way to mitigate the impac...; Question 59: Which of the following BEST facilitates the management of as...; Question 60: Which of the following should be of GREATEST concern to an I...; Question 61: An organization is using a single account shared by personne...; Question 62: In which phase of penetration testing would host detection a...; Question 63: After the release of an application system, an IS auditor wa...; Question 64: Which of the following is the BEST way to determine il IT is...; Question 65: To help ensure the accuracy and completeness of end-user com...; Question 66: Which of the following provides the MOST comprehensive descr...; Question 67: Which of the following is the BEST way to loster continuous ...; Question 68: An IS auditor is assigned to review the IS departments quali...; Question 69: During a routine check, a system administrator identifies un...; Question 70: Which of the following is a determine security control that ...; Question 71: An organization's software developers need access to persona...; Question 72: During an operational audit of a biometric system used to co...; Question 73: Which of the following is the BEST method to maintain an aud...; Question 74: An IS auditor learns the organization has experienced severa...; Question 75: An internal audit department recently established a quality ...; Question 76: Which of the following is the MOST important reason to use s...; Question 77: Which of the following should an IS auditor validate FIRST w...; Question 78: Which of the following should be the FIRST step in a data mi...; Question 79: The IS quality assurance (OA) group is responsible for...; Question 80: An IS audit manager finds that data manipulation logic devel...; Question 81: An IS auditor has assessed a payroll service provider's secu...; Question 82: During an audit of an organization's financial statements, a...; Question 83: Which of the following is MOST important for an IS auditor t...; Question 84: Which of the following is the PRIMARY reason for an organiza...; Question 85: Which of the following should be done FIRST when planning a ...; Question 86: An IS auditor is reviewing an organization's information ass...; Question 87: An IS auditor is reviewing the business requirements 'or the...; Question 88: To BEST evaluate the effectiveness of a disaster recovery pl...; Question 89: A bank has implemented a new accounting system. Which of the...; Question 90: Which of the following metrics is MOST useful to an IS audit...; Question 91: Which of the following system conversion strategies provides...; Question 92: During a follow-up audit, an IS auditor finds that some crit...; Question 93: A business unit cannot achieve desired segregation of duties...; Question 94: After delivering an audit report, the audit manager discover...; Question 95: When reviewing an organization's information security polici...; Question 96: Which of the following is the BEST source of information for...; Question 97: When an IS auditor evaluates key performance indicators (KPl...; Question 98: Which of the following is an example of a preventive control...; Question 99: In an IT organization where many responsibilities are shared...; Question 100: Which of the following communication modes should be of GREA...; Question 101: An organization plans to eliminate pilot releases and instea...; Question 102: An employee has accidentally posted confidential data to the...; Question 103: An organization is developing data classification standards ...; Question 104: An organization's information security department has recent...; Question 105: What is the MOST difficult aspect of access control in a mul...; Question 106: When of the following is to MOST important consideration whe...; Question 107: Which of the following is MOST important for an organization...; Question 108: Which of the following is MOST helpful in preventing a syste...; Question 109: To lest the integrity of the data in the accounts receivable...; Question 110: A warehouse employee of a retail company has been able to co...; Question 111: When reviewing an organization's IT governance processes, wh...; Question 112: The GREATEST risk of database denormalization is:...; Question 113: Which of the following is the MAIN purpose of an information...; Question 114: Which of the following is MOST important for an effective co...; Question 115: A company uses a standard form to document and approve all c...; Question 116: A CIO has asked an IS auditor to implement several security ...; Question 117: The BEST way to prevent fraudulent payments is to implement ...; Question 118: An organization is migrating its human resources (HR) applic...; Question 119: Which of the following is the MOST effective control for pro...; Question 120: An IS auditor was involved in the design phase for a new sys...; Question 121: During an audit of a data classification policy, an IS audit...; Question 122: Which of the following should be done by an IS auditor durin...; Question 123: What is the MAIN purpose of an organization's internal IS au...; Question 124: When evaluating a protect immediately prior to implementatio...; Question 125: An organization has established hiring policies and procedur...; Question 126: Which of the following is the GREATEST concern when using a ...; Question 127: An IS auditor is conducting a pre-implementation review to d...; Question 128: Both statistical and nonstatistical sampling techniques:...; Question 129: Which of the following MOST efficiently protects computer eq...; Question 130: An IT governance framework provides an organization with:...; Question 131: During a review of a production schedule, an IS auditor obse...; Question 132: Which of the following is the BEST compensating control for ...; Question 133: The PRIMARY reason an IS department should analyze past inci...; Question 134: An IS auditor reviewing the system development life cycle (S...; Question 135: Which of the following is the BEST preventive control to ens...; Question 136: Which of the following should be included in emergency chang...; Question 137: Which of the following is the GREATEST concern associated wi...; Question 138: Which of the following is a benefit of increasing the use of...; Question 139: After an employee termination, a network account was removed...; Question 140: Which of the following approaches provides the BEST assuranc...; Question 141: Secure code reviews as part of a conbnuous deployment progra...; Question 142: A data analytics loam has developed a process automation bot...; Question 143: Which of the following is MOST important to ensure that elec...; Question 144: Which of the following is the GREATEST security risk associa...; Question 145: A user of a telephone banking system has forgotten his perso...; Question 146: Which of the following are BEST suited for continuous auditi...; Question 147: Which of the following is the PRIMARY purpose of conducting ...; Question 148: Which of the following group is MOST likely responsible for ...; Question 149: An organization with high availability resource requirements...; Question 150: An airlines online booking system uses an automated script t...; Question 151: When a firewall is subjected to a probing attack, the MOST a...; Question 152: An IS auditor determines that a business continuity plan has...; Question 153: Many departments of an organization have not implemented aud...; Question 154: An IS auditor performing an audit of backup procedures obser...; Question 155: Which of the following should be an IS auditor's GREATEST co...; Question 156: A manufacturing company is implementing application software...; Question 157: The BEST way to validate whether a malicious act has actuall...; Question 158: Which of the following is the BEST indicator of the effectiv...; Question 159: An organization allows its employees to use personal mobile ...; Question 160: An organization has begun using social media to communicate ...; Question 161: An IS auditof notes the transaction processing times in an o...; Question 162: During a review of the IT strategic plan, an IS auditor find...; Question 163: To protect information assets, which of the following should...; Question 164: Which of the following indicates that an internal audit orga...; Question 165: Which of the following is the BEST indicator for measuring p...; Question 166: Which of the following is the MAIN benefit of using data ana...; Question 167: Which of the following provides the MOST assurance that new ...; Question 168: Which of the following is the client organization's responsi...; Question 169: When measuring the effectiveness of a security awareness pro...; Question 170: During an audit of a disaster recovery plan (DRP) for a crit...; Question 171: What is the PRIMARY purpose of performing a parallel run of ...; Question 172: Which of the following information security requirements BES...; Question 173: Which of the following would provide the BEST evidence of th...; Question 174: The MOST important function of a business continuity plan (B...; Question 175: Which of the following should occur EARLIEST in a business c...; Question 176: Which of the following is the MOST important feature of acce...; Question 177: Which of the following would MOST likely impair the independ...; Question 178: To enable the alignment of IT staff development plans with I...; Question 179: A checksum is classified as which type of control?...; Question 180: Which of the following BEST demonstrates that IT strategy is...; Question 181: Batch processes running in multiple countries are merged to ...; Question 182: To ensure efficient and economic use of limited resources in...; Question 183: Which of the following should be defined in an audit chatter...; Question 184: A large insurance company is about to replace a major financ...; Question 185: A data Breach has occurred due to malware. Which of the foll...; Question 186: An IS auditor assessing the controls within a newly implemen...; Question 187: Which of the following is the BEST way to reduce sampling ri...; Question 188: Which of the following is the BEST source for describing the...; Question 189: An audit has identified that business units have purchased c...; Question 190: Which of the following should be of GREATEST concern to an I...; Question 191: An IS auditor is reviewing an industrial control system (ICS...; Question 192: Which of the following is the PRIMARY objective of implement...; Question 193: The decision to accept an IT control risk related to data qu...; Question 194: Which of the following would be of GREATEST concern to an IS...; Question 195: Which of the following security risks can be reduced by a pr...; Question 196: A 5 year audit plan provides for general audits every year a...; Question 197: Following the sale of a business division, employees will be...; Question 198: An organization that has suffered a cyber attack is performi...; Question 199: Which of the following is MOST important to ensure when plan...; Question 200: While conducting a review of project plans related to a new ...; Question 201: During an ongoing audit management requests a briefing on th...; Question 202: Which of the following would BEST indicate the effectiveness...; Question 203: An IS auditor is asked to provide feedback on the systems op...; Question 204: An information systems security officer's PRIMARY responsibi...; Question 205: An IS auditor is reviewing security controls related to coll...; Question 206: Which of the following would BEST detect that a distributed-...; Question 207: Which of the following should be done FIRST when developing ...; Question 208: An accounts receivable data entry routine prevents the entry...; Question 209: During which phase of the incident management life cycle sho...; Question 210: Which of the following control techniques BEST ensures the i...; Question 211: Which of the following issues identified during a postmortem...; Question 212: An organization's security policy mandates that all new empl...; Question 213: The GREATEST benefit of using a prototyping approach in soft...; Question 214: A bank's web-hosting provider has just completed an internal...; Question 215: An organization allows employees to use personally owned mob...; Question 216: Which of the following is the BEST control to mitigate the m...; Question 217: Which of the following access rights presents the GREATEST r...; Question 218: Which of the following is an objective of data transfer cont...; Question 219: An IS auditor is planning on utilizing attribute sampling to...; Question 220: Following a breach, what is the BEST source 10 determine the...; Question 221: The CIO of an organization is concerned that the information...; Question 222: A security company and service provider have merged and the ...; Question 223: Which of the following yields the HIGHEST level of system av...; Question 224: Which of the following is the MOST effective way to minimize...; Question 225: Which of the following is the PRIMARY reason to adopt a capa...; Question 226: An organization has suffered a number of incidents in which ...; Question 227: Which of the following is the BEST way to mitigate the risk ...; Question 228: Which of the following is MOST important for an IS auditor t...; Question 229: Which of the following establishes the role of the internal ...; Question 230: Which of the following should be of concern to an IS auditor...; Question 231: When reviewing a contract for a disaster recovery hot site, ...; Question 232: In planning a major system development project, function poi...; Question 233: A financial institution is launching a mobile banking servic...; Question 234: Which of the following is the MOST important consideration f...; Question 235: Following a significant merger and acquisition, which of the...; Question 236: Which of the following is MOST useful for determining whethe...; Question 237: Which of the following backup schemes is the BEST option whe...; Question 238: Which of the following concerns is BEST addressed by securin...; Question 239: An organization uses multiple offsite data center facilities...; Question 240: IS management has recently disabled certain referential inte...; Question 241: An IS auditor is examining a front-end sub ledger and a main...; Question 242: Which of the following demonstrates the use of data analytic...; Question 243: Which of the following should be an IS auditor's GREATEST co...; Question 244: Which of the following should be of GREATEST concern to an I...; Question 245: An organization issues digital certificates to employees to ...; Question 246: Which of the following would be MOST important to update onc...; Question 247: Which of the following is the BEST way to address ongoing co...; Question 248: A bank is relocating its servers to a vendor that provides d...; Question 249: An IS auditor is performing a follow-up audit for findings i...; Question 250: Which of the following is the PRIMARY purpose of using data ...; Question 251: Which of the following would an IS auditor PRIMARILY review ...; Question 252: An IS auditor is reviewing a sample of production incidents ...; Question 253: When reviewing backup policies, an IS auditor MUST verify th...; Question 254: The PRIMARY benefit of using secure shell (SSH) to access a ...; Question 255: Which of the following is the BEST method to prevent wire tr...; Question 256: Which of the following types of testing would BEST mitigate ...; Question 257: Which of the following is the MOST effective approach in ass...; Question 258: Due to system limitations, segregation of duties (SoD) canno...; Question 259: IT disaster recovery lime objectives (RTOs) should be based ...; Question 260: Which of the following would be the BEST indicator of the ef...; Question 261: Which of the following should be the PRIMARY objective of a ...; Question 262: Which of the following should be the FIRST step in an organi...; Question 263: Which of the following is MOST important for an IS auditor t...; Question 264: An IS auditor conducting a follow-up audit learns that previ...; Question 265: Which of the following implementation strategies for new app...; Question 266: What is the purpose of a hypervisor?...; Question 267: An auditor is creating an audit program in which the objecti...; Question 268: Which of the following BEST indicates that an organization h...; Question 269: Which of the following BEST enables and IS auditor to review...; Question 270: An application used at a financial services organization tra...; Question 271: External experts were used on a recent IT audit engagement W...; Question 272: When is the BEST time to commence continuity planning for a ...; Question 273: An effective implementation of security roles and responsibi...; Question 274: Which of the following would be of GREATEST concern if noted...; Question 275: Which of the following evidence-gathering techniques will pr...; Question 276: What is the PRIMARY benefit of an audit approach which requi...; Question 277: During which IT project phase is it MOST appropriate to cond...; Question 278: An organization plans to receive an automated data feed into...; Question 279: During a software acquisition review, an IS auditor should r...; Question 280: When conducting a post-implementation review of a new softwa...; Question 281: Which of the following should be of GREATEST concern to an I...; Question 282: Which of the following BEST enables system resiliency for an...; Question 283: An IS auditor previously worked in an organization s IT depa...; Question 284: Which of the following is the GREATEST risk associated with ...; Question 285: An organization has implemented a quarterly job schedule to ...; Question 286: Which of the following is the MOST important consideration f...; Question 287: Which of the following audit procedures would be MOST conclu...; Question 288: The BEST indicator of an optimized quality management system...; Question 289: What is the PRIMARY benefit of prototyping as a method of sy...; Question 290: Which of the following would BEST provide executive manageme...; Question 291: Which cloud deployment model is MOST likely to be limited in...; Question 292: When determining whether a project in the design phase will ...; Question 293: Which of the following is MOST important for an IS auditor t...; Question 294: Which of the following is MOST important for an IS auditor t...; Question 295: A client/server configuration will:...; Question 296: Which of the following should an IS auditor review FIRST whe...; Question 297: When auditing the closing stages of a system development pro...; Question 298: Which of the following is the BEST source of information for...; Question 299: Which of the following is the MOST important issue for an IS...; Question 300: During data migration, which of the following BEST prevents ...; Question 301: What is the BEST method for securing credit card numbers sto...; Question 302: Which of the following should be of GREATEST concern to an I...; Question 303: Which of the following would BEST help to ensure the availab...; Question 304: Which of the following is an IS auditor's BEST recommendatio...; Question 305: Which of the following is MOST important for an IS auditor t...; Question 306: An IS auditor reviewing a high-risk business application has...; Question 307: An organization has recently converted its infrastructure to...; Question 308: An IS auditor notes that IT and the business have different ...; Question 309: An IS auditor notes that application super-user activity was...; Question 310: Which of the following controls would BEST ensure that payro...; Question 311: When evaluating the ability of a disaster recovery plan (DRP...; Question 312: Which of the following will MOST likely compromise the contr...; Question 313: Which of the following is the BEST justification for deferri...; Question 314: An IS auditor is evaluating the security of an organization'...; Question 315: An existing system is being replaced with a new application ...; Question 316: When implementing a new IT maturity model which of the follo...; Question 317: Which of the following statements appearing in an organizati...; Question 318: An organization's IT security policy requires annual securit...; Question 319: Which of the following is the MAIN risk associated with addi...; Question 320: Which of the following is the BEST way to mitigate the risk ...; Question 321: Which of the following is the PRIMARY advantage of using vir...; Question 322: What is the PRIMARY reason for conducting a risk assessment ...; Question 323: Which of the following should be the PRIMARY basis for proce...; Question 324: A software development organization with offshore personnel ...; Question 325: Which of the following is MOST important for an IS auditor t...; Question 326: Which type of control is being implemented when a biometric ...; Question 327: Which of the following is a preventive control related to ch...; Question 328: Which of the following should be of GREATEST concern to an I...; Question 329: Which of the following should be reviewed FIRST when assessi...; Question 330: Which of the following is the BEST methodology to use for es...; Question 331: A USB device containing sensitive production data was lost b...; Question 332: An IS auditor discovers that due to resource constraints, a ...; Question 333: An IS auditor is reviewing an enterprise database platform. ...; Question 334: What is the BEST control to address SQL injection vulnerabil...; Question 335: What should be the PRIMARY basis for scheduling a follow-up ...; Question 336: Which of the following is a detective control that can be us...; Question 337: An IS auditor performing an audit of backup procedures obser...; Question 338: Which of the following is the BEST indication of the complet...; Question 339: On a public-key cryptosystem when there is no previous knowl...; Question 340: An incorrect version of source code was amended by a develop...; Question 341: An IS auditor plans to review all access attempts to a video...; Question 342: One advantage of monetary unit sampling is the fact that:...; Question 343: Which of the following would be MOST useful to an IS auditor...; Question 344: Which of the following is the MOST significant risk associat...; Question 345: A vulnerability in which of the following virtual systems wo...; Question 346: An IS auditor finds that terminated users have access to fin...

Question 174/346

LEAVE A REPLY

Download PDF File