Information Technology – Security Techniques – Guidelines for Information and Communications Technology Disaster Recovery Services. ISO/IEC. First edition. ISO defines requirements for implementing, operating, monitoring and maintaining ICT disaster recovery services for ICT disaster recovery and ICT.
|Published (Last):||5 July 2009|
Guidelines for information and communications technology disaster recovery services. Any additional organization-specific requirements, if necessary, are generally negotiated on a case-by-case basis, are the subject of detailed contract negotiations between organizations and their ICT DR service providers, and are not within the scope of this International Standard.
ISO/IEC business continuity standard
Scope and purpose
The standard encompasses all events and incidents (not just information security related) that could have an impact on ICT infrastructure and systems. It specifies the requirements for implementing, operating, monitoring and maintaining ICT DR services and facilities, the capabilities which outsourced ICT DR service providers should possess and the practices they should follow. The standard serves as a framework for companies like hot site firms, cold site firms, managed services firms, collocation service providers, and alternate work space providers.
ICT is prevalent and many organizations are highly dependent on ICT supporting critical business processes; ICT also supports incident, business continuity, disaster and emergency response, and related management processes; business continuity planning is incomplete without adequately considering and protecting ICT availability and continuity.
When an organization implements an ISMS, the risks of interruptions to business activities for any reason should always be identified.
Personal comments
It is unclear how valuable this standard is, given that ISO does such a good job in this area. Finally, it provides incentives to the professional to constantly improve their skills and knowledge, and serves as a tool for employers to ensure that training and awareness have been effective.
Fires, earthquakes, and pandemics, as well as terrorism and piracy, may cause organizations to become disaster victims at any time. ICT DR service provision, irrespective of whether it is provided in-house or outsourced, should follow best practice guidelines as outlined in this clause.
In planning for business continuity, the fallback arrangements for information processing and communication facilities become beneficial during periods of minor outages and essential for ensuring information and service availability during a disaster or failure, and for the complete recovery of activities over a period of time.
These include building construction, security measures, provision of infrastructure services such as power, water and telecommunications, and environmental controls. According to ISO, business continuity management is an integral part of any holistic risk management process and involves:
ICT Disaster Recovery facilities.
BS ISO/IEC 24762:2008
This linkage may support the establishment of IRBC and also avoid any dual processes for the organization.
It helps define the supporting infrastructure and services capability. And it applies to:
ICT DR service providers should interpret the intent of these guidelines within the context of the services they offer. With ISO, organizations will be able to build resilience into the information and communications technology infrastructure critical to their key business activities. This clause provides guidance for: Planning for Disaster Recovery is the key aspect that differentiates organizations that can manage crises with minimal cost and effort and maximum speed from those that are willing to pay whatever cost for their recovery and that are forced to make decisions out of desperation.
It covers a broad range of issues that vendors should address to ensure their service offerings are protected. As with all major undertakings within an organization, it is essential to gain the backing and sponsorship of the executive management. Is it really that hard?
It also allows organizations to make an informed selection of employees or services based on the competencies that are represented by the certification designation. For those who have multiple recovery sites, the guidance should be equally applied to each and every site.
ISO is complemented by two other standards providing control objectives for information security aspects of business continuity management to further reduce risk: The fallback arrangements included in the standard will help out during periods of minor outages and, more importantly, will play an essential role in ensuring information and service availability during a disaster or failure, and for a long-term complete recovery of activities.
It therefore extends the practices of information security incident handling and management, ICT readiness planning and services.
ISO 24762 for IT Disaster Recovery
The standard incorporates the cyclical PDCA approach, extending the conventional business continuity planning process to take greater account of ICT. The standard is especially suited to internal and outsourced ICT DR service providers of physical facilities and services as it describes the basic practices that ICT DR service providers should consider.
ISO focuses on recovering operations during and after the loss, while ISO focuses on processes in preparation for handling a disaster.
By far the best way to achieve this is to illustrate the positive gains of having an effective Disaster Recovery plan in place, rather than through highlighting the negative aspects of the contrary. There are two main categories of disasters:
Resilience in the information risk and security context is about the organization being able to bend rather than break.