Which of the following represents the GREATEST risk created by a reciprocal agreement for
disaster recovery made between two companies?
Developments may result in hardware and software incompatibility.
Resources may not be available when needed.
The recovery plan cannot be tested.
The security infrastructures in each company may be different.
If one organization updates its hardware and software configuration, it may mean that it is no longer
compatible with the systems of the other party in the agreement. This may mean that each company
is unable to use the facilities at the other company to recover their processing following a disaster.
Resources being unavailable when needed are an intrinsic risk in any reciprocal agreement, but
this is a contractual matter and is not the greatest risk. The plan can be tested by paper-based
walkthroughs, and possibly by agreement between the companies. The difference in security
infrastructures, while a risk, is not insurmountable.