An IS auditor reviewing an organization's IS disaster recovery plan should verify that it is:
A、tested every six months.
B、regularly reviewed and updated.
C、approved by the chief executive officer (CEO).
D、communicated to every department head in the organization.