Get compliant with ISO:27001 – Annex A.17 and simplify compliance for your organisation.
To ensure that the continuity of information security is integrated into the continuity of business management.
To ensure that there is a plan, in case of adverse circumstances, to continue with the information security standards and consistent information security management. Management should ensure that security requirements remain the same.
To ensure that the organisation defines, documents and executes security controls. To make sure that a sufficient management structure is in place with the authority to plan and respond to adverse events. Once requirements have been identified, policies must be implemented.
The organisation must review on-going controls on information security in order to ensure they remain productive and effective during adverse circumstances. This would be done by exercising and testing the reliability and expertise of the systems, procedures and controls. This should happen on a regular and consistent schedule.
To ensure that information processing facilities have availability. Redundancy in this case means the availability of a “backup”.
To conduct regular tests to ensure the availability of backup copies continue to function. Redundant items should be stored at the same or higher level as the originals. It is recommended to use cloud storage to preserve these items.