Information Technology – Security Techniques – Guidelines for Information and Communications Technology Disaster Recovery Services. ISO/IEC. First edition. ISO defines requirements for implementing, operating, monitoring and maintaining ICT disaster recovery services for ICT disaster recovery and ICT.

Author: Melar Mezizilkree
Country: Slovenia
Language: English (Spanish)
Genre: History
Published (Last): 27 September 2007
Pages: 393
ISBN: 639-9-67192-944-6

Service providers should continuously improve their service through the following: ISO focuses on recovering operations during and after the loss, while ISO focuses on processes in preparation for handling a disaster.

With this guidance, ISO supports the operation of an information security management system by addressing the information security and availability aspects of business continuity management in time of crisis.


Planning for disaster recovery is the key aspect that differentiates organizations that can manage crises with minimal cost and effort and maximum speed from those that are willing to pay whatever it costs for their recovery and are forced to make decisions out of desperation. The standard encompasses all events and incidents (not just information security related ones) that could have an impact on ICT infrastructure and systems.

Selection of recovery sites. This linkage may support the establishment of IRBC and also avoid any dual processes for the organization.

ICT is prevalent and many organizations are highly dependent on ICT for critical business processes; ICT also supports incident, business continuity, disaster and emergency response, and related management processes; business continuity planning is incomplete without adequately considering and protecting ICT availability and continuity.


This will complement their Business Continuity Management initiative to manage relevant risks possibly interrupting their business activities and their Information Security Management initiative to effectively protect the confidentiality, integrity, and availability of information. ICT DR service provision, irrespective of whether it is provided in-house or outsourced, should follow best practice guidelines as outlined in this clause.

Guidelines for information and communications technology disaster recovery services.

BS ISO/IEC 24762:2008

It serves to demonstrate that the certified professional holds defined competencies based on best practices. It covers a broad range of issues that vendors should address to ensure their service offerings are protected.

Resilience in the information risk and security context is about the organization being able to bend rather than break. ISO is complemented by two other standards providing control objectives for information security aspects of business continuity management to further reduce risk: The standard serves as a framework for companies like hot site firms, cold site firms, managed services firms, collocation service providers, and alternate work space providers.

Outsourced service provider’s capability. Outsourced ICT DR service providers should provide the basic service required by organizations. The standard incorporates the cyclical PDCA approach, extending the conventional business continuity planning process to take greater account of ICT.

That control objective is supported by controls to be selected and implemented as part of the ISMS process.

And it applies to: This includes having qualified staff, the capacity to support simultaneous invocations of DR plans by different organizations, all capabilities and services offered to organizations audited on a regular basis, and their own fully documented and tested business continuity plans, including disaster recovery, in place. When an organization implements an ISMS, the risks of interruptions to business activities for any reason should always be identified.


It helps define the supporting infrastructure and services capability.

ISO for IT Disaster Recovery – Whittington & Associates

Although this standard mentions resilience to as well as recovery from disastrous situations (and it will be part of the title at the next edition), the coverage on resilience is light, perhaps because of the strange definition: As with all major undertakings within an organization, it is essential to gain the backing and sponsorship of executive management.

Such fallback arrangements may include arrangements with third parties in the form of reciprocal agreements, or commercial subscription services. ICT Disaster Recovery facilities.

There is also guidance on selecting a recovery site and advice on continuous service improvement. Besides covering basic physical facility requirements, requirements for environmental controls, telecommunications, continuous power supply and non-recovery amenities such as parking and accessibility to food and drinks also need to be considered.

Information security management is the process by which management aims to achieve effective confidentiality, integrity and availability of information and service.