Information Technology – Security Techniques – Guidelines for Information and Communications Technology Disaster Recovery Services. ISO/IEC. First edition. Information technology — Security techniques — Guidelines for information and communications technology disaster. ISO defines requirements for implementing, operating, monitoring and maintaining ICT disaster recovery services for ICT disaster recovery and ICT.
|Published (Last):||25 October 2009|
Besides covering basic physical facility requirements, requirements for environmental controls, telecommunications, continuous power supply and non-recovery amenities such as parking and accessibility to food and drinks also need to be considered. That control objective is supported by controls to be selected and implemented as part of the ISMS process.
With this guidance, ISO supports the operation of an information security management system by addressing the information security and availability aspects of business continuity management in time of crisis. By far the best way to achieve this is to illustrate the positive gains of having an effective Disaster Recovery plan in place, rather than through highlighting the negative aspects of the contrary. Service providers should continuously improve their service through the following: This will complement their Business Continuity Management initiative to better manage relevant risks possibly interrupting their business activities and their Information Security Management initiative to effectively protect the confidentiality, integrity, and availability of information.
The standard incorporates the cyclical PDCA approach, extending the conventional business continuity planning process to take greater account of ICT. Such additional organization specific requirements, if necessary, are generally negotiated on a case-by-case basis and are the subject of detailed contract negotiations between organizations and their ICT DR service providers and are not within the scope of this International Standard.
ISO/IEC business continuity standard
It specifies the requirements for implementing, operating, monitoring and maintaining ICT DR services and facilities, the capabilities which outsourced ICT DR service providers should possess and the practices they should follow.
This includes having qualified staff, the capacity to support simultaneous invocations of DR plans by different organizations, all capabilities and services offered to organizations audited on a regular basis, and their own fully documented and tested business continuity plans, including Disaster Recovery, in place. It helps define the supporting infrastructure and 27462 capability.
BS ISO/IEC 24762:2008
This clause provides guidance for: For those who have multiple recovery sites, the guidance should be equally applied to each and every site. ICT DR service providers should interpret the intent of these guidelines within the context of the services they offer. There is also guidance on selecting a recovery site and advice on continuous service improvement.
Safety measures, Data processing, Data security, Information exchange, Management operations, Risk assessment, Business continuity, Business facilities, Communication technology, Data transmission, Information.
Guidelines for information and communications technology disaster recovery services. Such fallback arrangements may include arrangements with third parties in the form of reciprocal agreements, or commercial subscription services. This 224762 may support the establishment of IRBC and also avoid any dual processes for the organization.
ISO for IT Disaster Recovery – Whittington & Associates
ISO is complemented by two other standards providing control objectives for information security aspects of business continuity management to further reduce risk: It serves to demonstrate that the certified professional holds defined competencies based on best practices.
ISO 24762 for IT Disaster Recovery
The fallback arrangements included in the standard will help out during periods of minor outages and, more importantly, will play an essential role in ensuring information and service availability during a disaster or failure, and for a long-term complete recovery of activities.
The standard is especially suited to internal and outsourced ICT DR service providers of physical facilities and services as it describes the basic practices that ICT DR service providers should consider.
If the guidelines are followed, there will be assurance that the ICT DR services have been implemented after due consideration of unforeseen events that could affect the ability to fulfill service obligations, and related risk mitigation via prior arrangement with other service providers in the industry.
Selection of recovery sites.
Examples of such organization requirements may include special encryption software and secured operation procedures, 2472, knowledgeable personnel and application documentation. According to ISO, business continuity management is an integral part of any holistic risk management 2462 and involves: Information security management is the process by which management aims to achieve effective confidentiality, integrity and availability of information and service.
The standard serves as a framework for companies like hot site firms, cold site firms, managed services firms, collocation service providers, and alternate work space providers. Personal comments: It is unclear how valuable this standard is, given that ISO does such a good job in this area. It also allows organizations to make an informed selection of employees or services based on the competencies that are represented by the certification designation.
Resilience in the information risk and security context is about the organization being able to bend rather than break. Resilience controls including widely-applicable and sound engineering concepts such as redundancy, robustness and flexibility ensure that vital business operations are not materially degraded or halted by incidents – they keep right on running.
Information security risk management BS