It Auditing: Using Controls to Protect Information Assets [IT AUDITING -OS N/D]
All data centers are susceptible to natural and man-made disasters. The preceding section focused on auditing controls that prevent disasters and system outages. This section will focus on auditing disaster recovery and will address the following:
-
System resiliency
-
Data backup and restore
-
Disaster recovery planning
From time to time, auditors are called on to review disaster recovery plan tests. As a result, we will address disaster-recovery plan testing at a high level as well.
| Note | Disaster recovery is a very deep discipline; it is important to note that the scope of this book is to touch on best practices and provide high-level audit procedures. There are several resources that can be used by auditors for additional information, including the following: http://www.drj.com/ http://www.fema.gov/ http://www.drii.org/ |