As the ERP system owner, you are developing the information system contingency plan and evaluating how soon the system should be recovered and how much data should be restored. Which of the following should you determine first to guide the recovery process? (Wentz QOTD)
A. Work recovery time
B. Recovery time objective
C. Service delivery objective
D. Maximum tolerable downtime
Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.
My suggested answer is D. Maximum tolerable downtime.
Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams and an informative reference for security professionals.
A business process that supports the delivery of products or services typically depends on one or more resources. The max tolerable downtime of a business process as a constraint is determined by business people, which drives the setting of recovery objectives of dependent resources.
作為 ERP 系統所有者，您正在製定信息系統應急計畫(ISCP)並評估系統應該多久恢復以及應該回存多少數據。 您應該首先確定以下哪項來指導恢復(recovery)過程？ (Wentz QOTD)