Information Technology – Security Techniques – Guidelines for Information and Communications Technology Disaster Recovery Services. ISO/IEC. First edition. Information technology — Security techniques — Guidelines for information and communications technology disaster. ISO defines requirements for implementing, operating, monitoring and maintaining ICT disaster recovery services for ICT disaster recovery and ICT.
|Published (Last):||25 July 2004|
|PDF File Size:||17.82 Mb|
|ePub File Size:||2.42 Mb|
|Price:||Free* [*Free Regsitration Required]|
It therefore extends the practices of information security incident handling and management, ICT readiness planning iwo services.
According to ISObusiness continuity management is an integral part of any holistic risk management process and involves:. A new standard, ISOwill help businesses deal with the unexpected and safeguard their reputation, brand, and value-creating activities.
BS ISO/IEC 24762:2008
This will complement their Business Continuity Management initiative to better manage relevant risks possibly interrupting their business activities and their Information Security Management initiative to effectively protect the confidentiality, integrity, and availability of information.
These include building construction, security measures, provision of infrastructure services such as power, water and telecommunications, and uso controls.
The adaption of an effective Disaster Recovery plan within an organization will have benefits in a izo of areas, examples of which include: Although this standard mentions resilience to as well as 2472 from disastrous situations and it will be part of the title at the next releasethe coverage on resilience is light, perhaps because of the strange definition: Such fallback arrangements may include arrangements with third parties in the form of reciprocal agreements, or commercial subscription services.
There are two main categories of disasters: PECB is ready to help you.
Continuity, Resilience, and Service Management. Finally, it provides incentives to the professional to constantly improve their skills and knowledge, and serves as a tool for employers to ensure that training and awareness have been effective.
ISO/IEC business continuity standard
isk Safety measures, Data processing, Data security, Information exchange, Management operations, Risk assessment, Business continuity, Business facilities, Communication technology, Data transmission, Information. This clause provides guidance for: Planning for Disaster Recovery is the key aspect that differentiates organizations that can manage the crises with minimal cost and effort, and maximum speed; and those that are willing to pay whatever cost for their recovery and that are enforced to make decision out of desperation.
Such additional organization specific requirements, if necessary, are generally negotiated on a case-by-case basis and are the subject of detailed contract negotiations between organizations and their ICT DR service providers and are not within the scope of this International Standard.
Guidelines for isso and communications technology disaster recovery services Status: ICT DR service providers should interpret the intent of these guidelines within the context of the services they offer. Shell Georgia – ISO The standard incorporates the cyclical PDCA approach, extending the conventional business continuity planning process to take greater account of ICT.
And it applies to: This linkage may support the establishment of IRBC and also avoid any dual processes for the organization. When an organization implements an ISMS the risks of interruptions to business activities for any reason should always be identified.
ISO for IT Disaster Recovery – Whittington & Associates
Service providers should continuously improve their service through the following: There is also guidance on selecting a recovery site and advice on continuous service improvement. ISO is complemented by two other standards providing control objectives for information security aspects of business continuity management to further reduce risk: It serves to demonstrate that the certified professional holds defined competencies based on best practices.
You may find similar items within these categories by selecting from the choices below:. Lignes directrices pour les services de scours en cas de catastrophe dans les technologies de l’information et des communications. Information security risk management BS Learn more about the cookies we use and how to change your settings.
Outsourced service provider’s capability Outsourced ICT DR Service providers should provide the basic service capabilities required by organizations. Worldwide Standards We can source any standard from anywhere in the world. If the guidelines are followed, there will be assurance that the ICT DR services have been implemented after due consideration of unforeseen events that could affect the ability to fulfill service obligations, and related risk mitigation via prior arrangement with other service providers in the industry.
This include having a qualified staff, the capacity to support simultaneous invocations of DR plans by different organizations, all capabilities and services offered to organizations audited on a regular basis, and their own fully documented and tested business continuity, including Disaster Recovery, and plans in place.
Selection of recovery sites. Resilience controls including widely-applicable and sound engineering concepts such as redundancy, robustness and flexibility ensure that vital business operations are not materially degraded or halted by incidents – they keep right on running.
Resilience in the information risk and security context is about the organization being able to bend rather than break. Visit our Help Center. The fallback arrangements included in the standard will help out during periods of isi outages and, more importantly, will play an essential role in ensuring information and service availability during a disaster or failure, and for a long-term complete recovery of activities.
Your basket is empty. With ISOorganizations will be able to build resilience into their isl and communications technology infrastructure critical to their key business activities.
It covers a broad range of issues that vendors should address to ensure their service offerings are protected.