Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISA All Questions

View all questions & answers for the CISA exam
Go to Exam

Exam CISA topic 1 question 1330 discussion

Actual exam question from Isaca's CISA
Question #: 1330
Topic #: 1
[All CISA Questions]

An organization relies on an external vendor that uses a cloud-based Software as a Service (SaaS) model to back up its data. Which of the following is the GREATEST risk to the organization related to data backup and retrieval?

  • A. The organization may be locked into an unfavorable contract with the vendor.
  • B. The organization may not be allowed to inspect the vendor's data center.
  • C. The vendor may be unable to restore critical data.
  • D. The vendor may be unable to restore data by recovery time objective (RTO) requirements.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by Rachy at Jan. 24, 2024, 8:41 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
blehbleh
3 weeks, 4 days ago
Selected Answer: C
This is C. "An organization relies on an external vendor that uses a cloud-based Software as a Service (SaaS) model to back up its data. Which of the following is the GREATEST risk to the organization related to data backup and retrieval?" Answer D states restoring data. If you are restoring data that is an RPO not an RTO. one is a point in data and the other is a maximum amount of time a system can be down before a business experiences significant damage or unacceptable losses. So D, does not make sense, this is C.
upvoted 2 times
...
PurpleParrot
2 months, 1 week ago
Selected Answer: D
Not meeting RTO requirements encompasses the broader impact of both not being able to restore critical data and the timing of that restoration.
upvoted 1 times
...
46080f2
5 months ago
Selected Answer: C
My experience is that if the area is always narrowed down in a question, the best answer options are those that relate to this narrowing down. Here we have the limitation to backup and retrieval in general. D. refers to business continuity / disaster recovery. If we now weigh up the greatest risk, "C. The vendor may be unable to restore critical data" is the right answer for me.
upvoted 3 times
...
Sibsankar
5 months, 3 weeks ago
C. The vendor may be unable to restore critical data. Reliability and effectiveness in data restoration are paramount when it comes to data backup services. If the vendor is unable to restore critical data when needed, it could result in significant operational disruptions, data loss, and potentially severe consequences for the organization. Therefore, ensuring that the vendor has the capability to restore critical data is of utmost importance in mitigating risks associated with data backup and retrieval.
upvoted 1 times
...
Swallows
6 months ago
Selected Answer: C
Dependence on an external vendor for data backup and retrieval means the organization's ability to access critical data hinges on the vendor's capabilities. If the vendor encounters difficulties or failures in restoring critical data, it can lead to significant disruptions, financial losses, and reputational damage to the organization.
upvoted 1 times
...
MJORGER
7 months, 1 week ago
Selected Answer: D
D. The vendor may be unable to restore data by recovery time objective (RTO) requirements Recovery Time Objective (RTO) is a critical metric in disaster recovery and downtime tolerance.
upvoted 1 times
a84n
6 months, 2 weeks ago
Answer D In a cloud-based Software as a Service (SaaS) model, the organization often has specified Recovery Time Objectives (RTOs), which represent the maximum acceptable downtime for systems and data. If the vendor fails to restore data within the agreed-upon RTOs, it could disrupt business operations, cause financial losses, and damage customer trust. The inability of the vendor to meet RTO requirements directly impacts the organization's ability to resume operations swiftly after a data loss event. If critical data cannot be restored within the specified RTO, it could lead to extended periods of downtime, impacting productivity and potentially resulting in financial penalties if service level agreements (SLAs) are not met. Therefore, the risk that the vendor may be unable to restore data by RTO requirements (option D) is indeed significant, as it directly affects the organization's ability to recover from data loss incidents and maintain business continuity.
upvoted 2 times
...
...
Zirgelis1
8 months, 2 weeks ago
C. The vendor may be unable to restore critical data.
upvoted 1 times
...
Rachy
9 months, 3 weeks ago
Selected Answer: D
D. Recovery time objective is essential for this scenario
upvoted 1 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel