CA Foundation Business Economics Questions 2023 - Part 32
Fri, 03 Mar 2023
1. Which of the following is a practice that should be incorporated into the plan for testing disaster recovery procedures?
A) Invite client participation.
B) involve all technical staff.
C) Rotate recovery managers.
D) install locally-stored backup.
2. Disaster recovery planning (DRP) addresses the:
A) technological aspect of business continuity planning.
B) operational piece of business continuity planning.
C) functional aspect of business continuity planning.
D) overall coordination of business continuity planning.
3. An IS auditor conducting a review of disaster recovery planning (DRP) at a financial processing organization has discovered the following:-The existing disaster recovery plan was compiled two years earlier by a systems analyst in the organization's IT department using transaction flow projections from the operations department.-The plan was presented to the deputy CEO for approval and formal issue, but it is still awaiting their attention.- the plan has never been updated, tested or circulated to key management and staff, though interviews show that each would know what action to take for its area in the event of a disruptive incident.The IS auditor's report should recommend that:
A) the deputy CEO be censured for their failure to approve the plan.
B) a board of senior managers is set up to review the existing plan.
C) the existing plan is approved and circulated to all key management and staff.
D) a manager coordinates the creation of a new or revised plan within a defined time limit.
4. While reviewing the business continuity plan of an organization, an IS auditor observed that the organization's data and software files are backed up on a periodic basis. Which characteristic of an effective plan does this demonstrate?
A) Deterrence
B) Mitigation
C) Recovery
D) Response
5. Which of the following disaster recovery/continuity plan components provides the GREATEST assurance of recovery after a disaster?
A) The alternate facility will be available until the original information processing facility is restored.
B) User management is involved in the identification of critical systems and their associated critical recovery times.
C) Copies of the plan are kept at the homes of key decision-making personnel.
D) Feedback is provided to management assuring them that the business continuity plans are indeed workable and that the procedures are current.
A) Invite client participation.
B) involve all technical staff.
C) Rotate recovery managers.
D) install locally-stored backup.
2. Disaster recovery planning (DRP) addresses the:
A) technological aspect of business continuity planning.
B) operational piece of business continuity planning.
C) functional aspect of business continuity planning.
D) overall coordination of business continuity planning.
3. An IS auditor conducting a review of disaster recovery planning (DRP) at a financial processing organization has discovered the following:-The existing disaster recovery plan was compiled two years earlier by a systems analyst in the organization's IT department using transaction flow projections from the operations department.-The plan was presented to the deputy CEO for approval and formal issue, but it is still awaiting their attention.- the plan has never been updated, tested or circulated to key management and staff, though interviews show that each would know what action to take for its area in the event of a disruptive incident.The IS auditor's report should recommend that:
A) the deputy CEO be censured for their failure to approve the plan.
B) a board of senior managers is set up to review the existing plan.
C) the existing plan is approved and circulated to all key management and staff.
D) a manager coordinates the creation of a new or revised plan within a defined time limit.
4. While reviewing the business continuity plan of an organization, an IS auditor observed that the organization's data and software files are backed up on a periodic basis. Which characteristic of an effective plan does this demonstrate?
A) Deterrence
B) Mitigation
C) Recovery
D) Response
5. Which of the following disaster recovery/continuity plan components provides the GREATEST assurance of recovery after a disaster?
A) The alternate facility will be available until the original information processing facility is restored.
B) User management is involved in the identification of critical systems and their associated critical recovery times.
C) Copies of the plan are kept at the homes of key decision-making personnel.
D) Feedback is provided to management assuring them that the business continuity plans are indeed workable and that the procedures are current.
1. Right Answer: C
Explanation: Recovery managers should be rotated to ensure the experience of the recovery plan is spread among the managers. Clients may be involved but not necessarily in every case. Not all technical staff should be involved in each test. Remote or offsite backup should always be used.
2. Right Answer: A
Explanation: Disaster recovery planning (DRP) is the technological aspect of business continuity planning. Business resumption planning addresses the operational part of business continuity planning.
3. Right Answer: D
Explanation: The primary concern is to establish a workable disaster recovery plan, which reflects current processing volumes to protect the organization from any disruptive incident. Censuring the deputy CEO will not achieve this and is generally not within the scope of an IS auditor to recommend.Establishing a board to review the plan, which is two years out of date, may achieve an updated plan, but is not likely to be a speedy operation, and issuing the existing plan would be folly without first ensuring that it is workable. The best way to achieve a disaster recovery plan in a short time is to make an experienced manager responsible for coordinating the knowledge of other managers into a single, formal document within a defined time limit.
4. Right Answer: B
Explanation: An effective business continuity plan includes steps to mitigate the effects of a disaster. Files must be restored on a timely basis for a backup plan to be effective.An example of deterrence is when a plan includes installation of firewalls for information systems. An example of recovery is when a plan includes an organization's hot site to restore normal business operations.
5. Right Answer: A
Explanation: The alternate facility should be made available until the original site is restored to provide the greatest assurance of recovery after a disaster. Without this assurance, the plan will not be successful. All other choices ensure prioritization or the execution pf the plan.
Explanation: Recovery managers should be rotated to ensure the experience of the recovery plan is spread among the managers. Clients may be involved but not necessarily in every case. Not all technical staff should be involved in each test. Remote or offsite backup should always be used.
2. Right Answer: A
Explanation: Disaster recovery planning (DRP) is the technological aspect of business continuity planning. Business resumption planning addresses the operational part of business continuity planning.
3. Right Answer: D
Explanation: The primary concern is to establish a workable disaster recovery plan, which reflects current processing volumes to protect the organization from any disruptive incident. Censuring the deputy CEO will not achieve this and is generally not within the scope of an IS auditor to recommend.Establishing a board to review the plan, which is two years out of date, may achieve an updated plan, but is not likely to be a speedy operation, and issuing the existing plan would be folly without first ensuring that it is workable. The best way to achieve a disaster recovery plan in a short time is to make an experienced manager responsible for coordinating the knowledge of other managers into a single, formal document within a defined time limit.
4. Right Answer: B
Explanation: An effective business continuity plan includes steps to mitigate the effects of a disaster. Files must be restored on a timely basis for a backup plan to be effective.An example of deterrence is when a plan includes installation of firewalls for information systems. An example of recovery is when a plan includes an organization's hot site to restore normal business operations.
5. Right Answer: A
Explanation: The alternate facility should be made available until the original site is restored to provide the greatest assurance of recovery after a disaster. Without this assurance, the plan will not be successful. All other choices ensure prioritization or the execution pf the plan.
0 Comments
Leave a comment
Categories
Recent posts
CA Foundation Business Economics Questions 2023 - Part 31
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
Fri, 03 Mar 2023
