Information Technology – Security Techniques – Guidelines for Information and Communications Technology Disaster Recovery Services. ISO/IEC. First edition. Information technology — Security techniques — Guidelines for information and communications technology disaster. ISO defines requirements for implementing, operating, monitoring and maintaining ICT disaster recovery services for ICT disaster recovery and ICT.
|Published (Last):||23 September 2011|
|PDF File Size:||17.85 Mb|
|ePub File Size:||5.73 Mb|
|Price:||Free* [*Free Regsitration Required]|
Personal comments It is unclear how valuable this standard is, given that ISO does such a good job in this area.
ISO is complemented by two other standards providing control objectives for information security aspects of business continuity management to further reduce risk: Fires, earthquakes, and pandemics, as well as, terrorism and piracy, may iao organizations to become disaster victims at any time.
Scope and purpose The standard isp all events and incidents not just information security related that could lso an impact on ICT infrastructure and systems.
Lignes directrices pour les services de scours en cas de catastrophe dans les technologies de l’information et des communications. Besides covering basic physical facility requirements, requirements for environmental controls, telecommunications, continuous power supply and non-recovery amenities such as parking and accessibility to food and drinks also need to be considered.
According to ISObusiness continuity management is an integral part of any holistic risk management 2472 and involves:. The standard iwo as a framework for companies like hot site firms, cold site firms, managed services firms, collocation service providers, and alternate work space providers. ISO is complemented by two other standards providing control objectives for information security aspects of business continuity management to further reduce risk:.
In planning for business continuity, the fallback arrangements for information processing and communication facilities become beneficial during periods of minor outages and essential for ensuring information and service availability during a disaster or failure for the complete recovery of activities over a period of time. Such fallback arrangements may include arrangements with third parties in the form of reciprocal agreements, or commercial subscription services.
Click to learn more. ICT DR service provision, irrespective of whether it is provided in-house or outsourced, should follow best practice guidelines as outlined in this clause. Creative security awareness materials for your ISMS. ISO focuses on recovering operations during and after the loss, meanwhile ISO on processes in preparation for handling a disaster.
ICT DR service providers should interpret the intent of these guidelines within the context of the services they offer. Learn more about the cookies we use and how to change your settings. The standard incorporates isso cyclical PDCA approach, extending the conventional business continuity planning process to take greater account of ICT.
ISO 24762 for IT Disaster Recovery
Outsourced service provider’s capability Outsourced ICT DR Service providers should provide the basic service capabilities required by organizations. Such additional organization specific requirements, if necessary, are generally negotiated on a case-by-case basis and are the subject of detailed contract negotiations between organizations and their ICT DR service providers and lso not within the scope of this International Standard.
Please download Chrome or Firefox or view our browser tips. Governance, Risk and Compliance. That control objective is supported by controls to be selected and implemented as part of the ISMS process.
ISO for IT Disaster Recovery – Whittington & Associates
27462 hundreds of articles in our extensive Io Archive. The adaption of an effective Disaster Recovery plan within an organization will have benefits in a number of areas, examples of which include: Your basket is empty. It therefore extends the practices of information security incident handling and management, ICT readiness planning and services. With ISOorganizations will be able to build resilience into their information and communications technology infrastructure critical to their key business activities.
PECB is ready to help you. Find Similar Items This product falls into the following categories. This will complement their 2762 Continuity Management initiative to better manage relevant risks possibly interrupting their business activities and their Information Security Management initiative to effectively protect the confidentiality, integrity, and availability of information. Is it really that hard?
There is also guidance on selecting a recovery site and advice on continuous service improvement. You may experience issues viewing this site in Internet Explorer 9, 10 or Those who have multiple recovery sites, the guidance should be equally applied to each and every site. For more information, kso the other standards page.
Finally, it provides incentives to the professional to constantly improve their skills and knowledge, and serves as a tool for employers to ensure that training and awareness have been effective. Information security management is the process by which management aims to achieve effective confidentiality, integrity and availability of information and service. The standard encompasses all events and incidents not just information security related that could have an impact on ICT infrastructure and systems.
ICT Disaster Recovery facilities. There are two main categories of disasters: ICT is prevalent and many organizations are 2472 dependent on ICT supporting critical business processes; ICT also supports incident, business continuity, disaster and emergency response, and related management processes; Business continuity 24726 is incomplete without adequately considering and protecting ICT availability and continuity.
Resilience in the information risk and security context is about the organization being able to bend rather than break. It serves to demonstrate that the certified professional holds defined competencies based on best practices.
Accept and continue Learn more about the cookies we use and how to change your settings. Search all products by. Continuity, Resilience, and Service Management. Six Sigma Green Belt