Watch this video on YouTube
An IS Auditor is reviewing an organization's business continuity plan (BCP). During the assessment, the Auditor discovers that the BCP has not been tested for several years. What is the primary risk associated with not regularly testing the BCP?