The audit procedure that would have most likely identified the exception of critical servers not included in the central log repository is to compare a list of all servers from the directory server against a list of all servers present in the central log repository. This would allow the IS auditor to detect any discrepancies or omissions in the central log repository. The other audit procedures (A, C and D) would not be effective in identifying this exception, as they would only focus on the alerts generated, the alert settings configured, or the servers included in the previous year's audit, which may not reflect the current state of the central log repository.
References: IS Audit and Assurance Guideline 2202: Evidence Collection Techniques, CISA Review Manual (Digital Version), Chapter 5: Protection of Information Assets, Section 5.3: Logging and Monitoring

A full interruption test is the most realistic and reliable way to ensure that recovery time objectives (RTOs) are met for an organization's disaster recovery plan (DRP). RTOs are the maximum amount of time that a business can tolerate being offline after a disaster. A full interruption test involves shutting down the primary site and switching over to the backup site, simulating a real disaster scenario. This test can measure the actual time it takes to restore the systems, applications, and functions that are critical for the business continuity. A full interruption test can also reveal any issues or gaps in the DRP that might affect the recovery process.
The other options are not as effective as a full interruption test for ensuring RTOs are met. A cyber resilience test is a type of DR test that focuses on the ability to withstand and recover from cyberattacks. It does not necessarily cover other types of disasters or test the entire DRP. A tabletop test is a low-impact DR test that involves a walkthrough of the DRP with the key stakeholders and staff. It does not involve any actual switching over or testing of the backup systems. A parallel test is a type of DR test that involves running the backup systems alongside the primary systems, without disrupting the normal operations. It does not measure the time it takes to switch over or resume operations at the backup site.
References:
Best Practices For Disaster Recovery Testing
Disaster recovery testing
Disaster Recovery Testing: Everything to Know

A biometric access device installed at the entrance to a facility is a type of preventive control. Preventive controls are designed to deter or prevent undesirable events from occurring12. They are proactive measures that aim to inhibit incidents before they happen12. In this case, the biometric access device prevents unauthorized individuals from gaining access to the facility by requiring unique biological characteristics for authentication12.
References:
Guide to Biometric Access Control & Door Lock Security - Avigilon
Biometric access control: meaning, types and implementation - Smowl

The evidence collected during a digital forensic investigation would not be admissible in court if the logs failed to identify the person handling the evidence. This would violate the chain of custody principle, which requires that the evidence be properly documented, secured, and tracked throughout the investigation process.
The chain of custody ensures that the evidence is authentic, reliable, and trustworthy, and that it has not been tampered with or altered. The person who collected the evidence, whether qualified or not, is not relevant to the admissibility of the evidence, as long as they followed the proper procedures and protocols. The evidence collected by the internal forensics team can be admissible in court, as long as they are independent, objective, and competent. The evidence does not need to be fully backed up using a cloud-based solution prior to the trial, as long as it is preserved and protected from damage or loss. References: ISACA Journal Article: Digital Forensics: Chain of Custody

Parallel simulation involves running the same data through two systems and comparing the results1. In this case, the bank's data would be processed using both the modified interest calculation program and an audit software. The results from both systems would then be compared to check for discrepancies1. This technique provides strong evidence of the correctness of interest calculations as it directly tests the program's output against a known and trusted output1. While source code review23, manual verification of a sample of results4567, and review of QA test results8910 can also provide valuable insights, they do not offer the same level of direct, comparative evidence as parallel simulation1.
References:
Parallel simulation in IT testing - Universal CPA Review
5 code review best practices - Work Life by Atlassian
How to Make Good Code Reviews Better - Stack Overflow
Guidelines for the validation and verification of quantitative and qualitative test methods - Mathematics LibreTexts Method Validation and Verification - University of Utah Sample Procedure for Method Validation - NIST Method validation and verification - CFS Good Practices for Quality Assurance Reviewers: Assessing Evidence of Supervisory Review - IGNET How do quality assurance engineers test calculations? - Software Quality Assurance & Testing Stack Exchange Quality Assurance/Quality Control (QA/QC) Plan and Procedures - UNFCCC