Find Resources and Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

Subscribe to this discussion

Question of the day - 10 April

CISM Candidates - test your knowledge and exam preparedness with this practice question.

Which of the following would a security manager establish to determine the target for restoration of normal processing?

A. Recovery time objective (RTO)

B. Maximum tolerable outage (MTO)

C. Recovery point objectives (RPOs)

D. Services delivery objectives (SDOs)

You must sign in to rate content.
(1 ratings)

Comments

RE: Question of the day - 10 April

I choose A because RTO is the length of time from the moment of interruption thru normal processing is in place before crossing the acceptable levels of any impact.
VENCISLAV DIMKINEnergizer at 4/10/2017 6:32:28 AM Quote
You must sign in to rate content.
(1 ratings)

RE: Question of the day - 10 April

I would also pick (A) RTO. However, sometimes in the manual I understand that RTO is the amount of time to recover an acceptable level of normal operation (Chapter 2). Other times, I read "the length of time from the interruption to the time that the process must be functioning at a service level sufficient to limit financial and operational impacts to an acceptable level" (chapter 4). This one does not sound like normal processing to it. I think this description refers to working on alternate mode.

Omar795Influential at 4/10/2017 11:33:55 AM Quote
You must sign in to rate content.
(1 ratings)

RE: Question of the day - 10 April

In Chapter 4, it also defines RTO as "the amount of time allowed for the recovery of a business function or resource to a predefined operational level after a disaster occurs". Again, it does not sound like restoring to normal processing. I understand it means organization is still working in reduced mode.
Any comments that could help clarify this?
Omar795Influential at 4/10/2017 11:36:59 AM Quote
You must sign in to rate content.
(1 ratings)

RE: Question of the day - 10 April

Thank you to those who shared answers and thoughts on this question. The answer is A and the official explanation is . . .

Recovery time objective (RTO) is the length of time from the moment of an interruption until the time the process must be functioning at a service level sufficient to limit financial and operational impacts to an acceptable level. Maximum tolerable outage (MTO) is the maximum time for which an organization can operate in a reduced mode. Recovery point objectives (RPOs) relate to the age of the data required for recovery. Services delivery objectives (SDOs) are the levels of service required in reduced mode.

My personal opinion - I too think that the phrase "normal processing" in the question causes some confusion. The definitions from the ISACA glossary are reproduced below and my approach was to learn and understand the definitions so that I was as prepared as I could be for whatever the exam threw at me. After all these are practice questions rather than actual exam questions.

Recovery time objective (RTO) - The amount of time allowed for the recovery of a business function or resource after a disaster occurs.

Service delivery objective (SDO) - Directly related to the business needs, SDO is the level of services to be reached during the alternate process mode until the normal situation is restored.

Maximum tolerable outages (MTO) - Maximum time that an enterprise can support processing in alternate mode.

Peter O'TooleInfluential at 4/11/2017 7:13:08 AM Quote
You must sign in to rate content.
(1 ratings)

RE: Question of the day - 10 April

Thanks for the feedback. I agree that understanding the official definitions is the best thing to do. 

Omar795Influential at 4/11/2017 9:21:38 AM Quote
You must sign in to rate content.
(Unrated)

RE: Question of the day - 10 April

Thanks for the feedback. I agree that understanding the official definitions is the best thing to do. 

Omar795Influential at 4/11/2017 9:21:38 AM Quote
You must sign in to rate content.
(Unrated)

RE: Question of the day - 10 April

Thank you to those who shared answers and thoughts on this question. The answer is A and the official explanation is . . .

Recovery time objective (RTO) is the length of time from the moment of an interruption until the time the process must be functioning at a service level sufficient to limit financial and operational impacts to an acceptable level. Maximum tolerable outage (MTO) is the maximum time for which an organization can operate in a reduced mode. Recovery point objectives (RPOs) relate to the age of the data required for recovery. Services delivery objectives (SDOs) are the levels of service required in reduced mode.

My personal opinion - I too think that the phrase "normal processing" in the question causes some confusion. The definitions from the ISACA glossary are reproduced below and my approach was to learn and understand the definitions so that I was as prepared as I could be for whatever the exam threw at me. After all these are practice questions rather than actual exam questions.

Recovery time objective (RTO) - The amount of time allowed for the recovery of a business function or resource after a disaster occurs.

Service delivery objective (SDO) - Directly related to the business needs, SDO is the level of services to be reached during the alternate process mode until the normal situation is restored.

Maximum tolerable outages (MTO) - Maximum time that an enterprise can support processing in alternate mode.

Peter O'TooleInfluential at 4/11/2017 7:13:08 AM Quote
You must sign in to rate content.
(1 ratings)

RE: Question of the day - 10 April

In Chapter 4, it also defines RTO as "the amount of time allowed for the recovery of a business function or resource to a predefined operational level after a disaster occurs". Again, it does not sound like restoring to normal processing. I understand it means organization is still working in reduced mode.
Any comments that could help clarify this?
Omar795Influential at 4/10/2017 11:36:59 AM Quote
You must sign in to rate content.
(1 ratings)

RE: Question of the day - 10 April

I would also pick (A) RTO. However, sometimes in the manual I understand that RTO is the amount of time to recover an acceptable level of normal operation (Chapter 2). Other times, I read "the length of time from the interruption to the time that the process must be functioning at a service level sufficient to limit financial and operational impacts to an acceptable level" (chapter 4). This one does not sound like normal processing to it. I think this description refers to working on alternate mode.

Omar795Influential at 4/10/2017 11:33:55 AM Quote
You must sign in to rate content.
(1 ratings)

RE: Question of the day - 10 April

I choose A because RTO is the length of time from the moment of interruption thru normal processing is in place before crossing the acceptable levels of any impact.
VENCISLAV DIMKINEnergizer at 4/10/2017 6:32:28 AM Quote
You must sign in to rate content.
(1 ratings)

RE: Question of the day - 10 April

I would also pick (A) RTO. However, sometimes in the manual I understand that RTO is the amount of time to recover an acceptable level of normal operation (Chapter 2). Other times, I read "the length of time from the interruption to the time that the process must be functioning at a service level sufficient to limit financial and operational impacts to an acceptable level" (chapter 4). This one does not sound like normal processing to it. I think this description refers to working on alternate mode.

Omar795Influential at 4/10/2017 11:33:55 AM Quote
You must sign in to rate content.
(1 ratings)

RE: Question of the day - 10 April

Thank you to those who shared answers and thoughts on this question. The answer is A and the official explanation is . . .

Recovery time objective (RTO) is the length of time from the moment of an interruption until the time the process must be functioning at a service level sufficient to limit financial and operational impacts to an acceptable level. Maximum tolerable outage (MTO) is the maximum time for which an organization can operate in a reduced mode. Recovery point objectives (RPOs) relate to the age of the data required for recovery. Services delivery objectives (SDOs) are the levels of service required in reduced mode.

My personal opinion - I too think that the phrase "normal processing" in the question causes some confusion. The definitions from the ISACA glossary are reproduced below and my approach was to learn and understand the definitions so that I was as prepared as I could be for whatever the exam threw at me. After all these are practice questions rather than actual exam questions.

Recovery time objective (RTO) - The amount of time allowed for the recovery of a business function or resource after a disaster occurs.

Service delivery objective (SDO) - Directly related to the business needs, SDO is the level of services to be reached during the alternate process mode until the normal situation is restored.

Maximum tolerable outages (MTO) - Maximum time that an enterprise can support processing in alternate mode.

Peter O'TooleInfluential at 4/11/2017 7:13:08 AM Quote
You must sign in to rate content.
(1 ratings)

RE: Question of the day - 10 April

I choose A because RTO is the length of time from the moment of interruption thru normal processing is in place before crossing the acceptable levels of any impact.
VENCISLAV DIMKINEnergizer at 4/10/2017 6:32:28 AM Quote
You must sign in to rate content.
(1 ratings)

RE: Question of the day - 10 April

In Chapter 4, it also defines RTO as "the amount of time allowed for the recovery of a business function or resource to a predefined operational level after a disaster occurs". Again, it does not sound like restoring to normal processing. I understand it means organization is still working in reduced mode.
Any comments that could help clarify this?
Omar795Influential at 4/10/2017 11:36:59 AM Quote
You must sign in to rate content.
(1 ratings)

RE: Question of the day - 10 April

Thanks for the feedback. I agree that understanding the official definitions is the best thing to do. 

Omar795Influential at 4/11/2017 9:21:38 AM Quote
You must sign in to rate content.
(Unrated)

Leave a Comment

* required

You must login to leave a comment.