Information Technology – Security Techniques – Guidelines for Information and Communications Technology Disaster Recovery Services. ISO/IEC. First edition. Information technology — Security techniques — Guidelines for information and communications technology disaster. ISO defines requirements for implementing, operating, monitoring and maintaining ICT disaster recovery services for ICT disaster recovery and ICT.
| Author: | Moogudal Zulkinos |
| Country: | Papua New Guinea |
| Language: | English (Spanish) |
| Genre: | History |
| Published (Last): | 26 March 2015 |
| Pages: | 463 |
| PDF File Size: | 19.21 Mb |
| ePub File Size: | 19.69 Mb |
| ISBN: | 833-3-97136-379-5 |
| Downloads: | 82092 |
| Price: | Free* [*Free Regsitration Required] |
| Uploader: | Gogul |
This clause provides guidance for: For more information, see the other standards page.
With this guidance, ISO supports the operation of an information security iao system by addressing the information security and availability aspects of business continuity management in time of crisis. The standard serves as a framework for companies like hot site firms, cold site firms, managed services firms, collocation service providers, and alternate work space providers.
It helps define the supporting infrastructure and services capability.
BoxWindermere, FL When an organization implements an ISMS the risks of interruptions to business activities for any reason should always be identified. Outsourced service provider’s capability Outsourced ICT DR Service providers should provide the basic service capabilities required by organizations.
Such additional organization specific requirements, if necessary, are generally negotiated on a case-by-case basis 247622 are the subject of detailed contract negotiations between organizations and their ICT DR service providers and are not within the scope of this International Standard.
Governance, Risk and Compliance. Please download Chrome or Firefox or view our browser 2472. A new standard, ISOwill help businesses deal with the unexpected and safeguard their reputation, brand, and value-creating activities.
ISO for IT Disaster Recovery – Whittington & Associates
Creative security awareness materials for your ISMS. Take the smart route to manage medical device compliance. According to ISObusiness continuity management is an integral part of any holistic risk management process and involves:. Search all products by.
BS ISO/IEC 24762:2008
By far the best way to achieve this is to illustrate the positive gains of having an effective Disaster Recovery plan in place, rather than through highlighting the negative aspects of the contrary. The fallback arrangements included in the standard will help out during periods of minor outages and, more importantly, will play an essential role in ensuring information and 24672 availability during a disaster or failure, and for a long-term complete recovery of activities.
ISO is complemented by two other standards providing control objectives for information security aspects of business continuity management to further reduce risk:. As with all major undertakings within an organization, it is essential to gain the backing and sponsorship of the executive management. ICT DR service provision, irrespective of whether it is provided in-house or outsourced, should follow best practice guidelines as outlined in this clause.
Besides covering basic physical facility requirements, requirements for environmental controls, telecommunications, continuous power supply and non-recovery amenities such as parking and accessibility to food and is also need to be considered.
Information security management is the process by which management aims to achieve effective confidentiality, integrity and availability of information and service.
ISO 24762 for IT Disaster Recovery
Shell Georgia – ISO It specifies the requirements for implementing, operating, monitoring and maintaining ICT DR services and facilities, the capabilities which outsourced ICT DR service providers should possess and the practices they should follow.
Is it really that hard? There is also guidance on selecting a recovery site and advice on continuous service improvement. If the guidelines are followed, there will be assurance that the ICT DR services have been implemented after due consideration of unforeseen events that could affect the ability to fulfill service obligations, and related risk mitigation via prior arrangement with other service providers in the industry.
ISO/IEC business continuity standard
Health, Safety and Environment. Personal comments It is unclear how valuable this standard is, given that ISO does such a good job in this area.
The adaption of an effective Disaster Recovery plan within an organization will have benefits in a number of areas, examples of which include: And it applies to: Visit our Help Center. These include building construction, security measures, provision of infrastructure services such as power, water and telecommunications, and environmental controls.
ICT is prevalent and many organizations are highly dependent on ICT supporting critical business processes; ICT also supports incident, business continuity, disaster and emergency response, and related management processes; Business continuity planning is incomplete without adequately considering and protecting ICT availability and continuity.