ISO 27001
Annex A.17 - Information Security Aspects of Business Continuity Management
Get compliant with ISO 27001 – Annex A.17 and simplify compliance for your organisation.
Get compliant with ISO 27001 – Annex A.17 and simplify compliance for your organisation.
This annex focuses on maintaining continuity on business management in relation to information security. Ensures that operations that rely on data and systems can be resumed and recovered after a disaster or systems failure.
To ensure that the continuity of information security is integrated into the continuity of business management.
To ensure that there is a plan, in case of adverse circumstances, to continue with the information security standards and consistent information security management. Management should ensure that security requirements remain the same.
To ensure that the organisation defines, documents and executes security controls. To make sure that a sufficient management structure is in place with the authority to plan and respond to adverse events. Once requirements have been identified, policies must be implemented.
The organisation must review on-going controls on information security in order to ensure they remain productive and effective during adverse circumstances. This would be done by exercising and testing the reliability and expertise of the systems, procedures and controls. This should happen on a regular and consistent schedule.
To ensure that information processing facilities have availability. Redundancy in this case means the availability of a “backup”.
To conduct regular tests to ensure the availability of backup copies continue to function. Redundant items should be stored at the same or higher level as the originals. It is recommended to use cloud storage to preserve these items.
©Copyright Inverifi 2023, All rights reserved. Registered in England, No: 06959535, , +44 20 4574 9908