An organization`s data retention policy states that all data will be backed up, retained for 10 years, and then destroyed. When conducting an audit of the long-term offsite backup program, an IS auditor should: 

Answer options:

A. verify that business owners review data before it is destroyed.
B. verify that there is a process to ensure readability and restore capability.
C. confirm that business interruption insurance coverage is in place.
D. review data classification schemes for appropriate security levels.

B