Greetings! I am a new IT Auditor and currently audits the BCP of a client. My client has no prioritization of which critical systems to be recovered in case of contingency/disaster. However, it has presented a list of priority systems that is currently addressed by its Problem Management policy. Is it acceptable to take the prioritization made in my client's Problem Management policy or do I need to ask them to formulate a separate prioritization of critical systems for BCP? Please advise. Thank you very much!
Free Guide: Managing storage for virtual environments
Complete a brief survey to get a complimentary 70-page whitepaper featuring the best methods and solutions for your virtual environment, as well as hypervisor-specific management advice from TechTarget experts. Don’t miss out on this exclusive content!