ISO 24762 PDF

Information Technology – Security Techniques – Guidelines for Information and Communications Technology Disaster Recovery Services. ISO/IEC. First edition. ISO defines requirements for implementing, operating, monitoring and maintaining ICT disaster recovery services for ICT disaster recovery and ICT.

Author: Yoshakar Zulkis
Country: Sweden
Language: English (Spanish)
Genre: Life
Published (Last): 9 January 2018
Pages: 197
ISBN: 897-3-76600-910-4


ISO 24762 for IT Disaster Recovery

The standard encompasses all events and incidents (not just information security related) that could have an impact on ICT infrastructure and systems. For those who have multiple recovery sites, the guidance should be equally applied to each and every site.

Resilience in the information risk and security context is about the organization being able to bend rather than break. ICT DR service provision, irrespective of whether it is provided in-house or outsourced, should follow best practice guidelines as outlined in this clause.

Besides covering basic physical facility requirements, requirements for environmental controls, telecommunications, continuous power supply and non-recovery amenities such as parking and accessibility to food and drinks also need to be considered.

There is also guidance on selecting a recovery site and advice on continuous service improvement. Finally, it provides incentives to the professional to constantly improve their skills and knowledge, and serves as a tool for employers to ensure that training and awareness have been effective.

When an organization implements an ISMS, the risks of interruptions to business activities for any reason should always be identified. Although this standard mentions resilience to as well as recovery from disastrous situations (and it will be part of the title at the next release), the coverage on resilience is light, perhaps because of the strange definition: The adaption of an effective Disaster Recovery plan within an organization will have benefits in a number of areas, examples of which include: Such additional organization-specific requirements, if necessary, are generally negotiated on a case-by-case basis and are the subject of detailed contract negotiations between organizations and their ICT DR service providers and are not within the scope of this International Standard.


According to ISO, business continuity management is an integral part of any holistic risk management process and involves: With this guidance, ISO supports the operation of an information security management system by addressing the information security and availability aspects of business continuity management in time of crisis.

Selection of recovery sites.

ISO for IT Disaster Recovery – Whittington & Associates

With ISO organizations will be able to build resilience into their information and communications technology infrastructure critical to their key business activities. This clause provides guidance for: Resilience, including widely-applicable and sound engineering concepts such as redundancy, robustness and flexibility, ensures that vital business operations are not materially degraded or halted by incidents – they keep right on running.

It therefore extends the practices of information security incident handling and management, ICT readiness planning and services. Safety measures, Data processing, Data security, Information exchange, Management operations, Risk assessment, Business continuity, Business facilities, Communication technology, Data transmission, Information.

ISO/IEC business continuity standard

Information security management is the process by which management aims to achieve effective confidentiality, integrity and availability of information and service. Such fallback arrangements may include arrangements with third parties in the form of reciprocal agreements, or commercial subscription services.

A new standard, ISO will help businesses deal with the unexpected and safeguard their reputation, brand, and value-creating activities. If the guidelines are followed, there will be assurance that the ICT DR services have been implemented after due consideration of unforeseen events that could affect the ability to fulfill service obligations, and related risk mitigation via prior arrangement with other service providers in the industry.


BS ISO/IEC 24762:2008

As with all major undertakings within an organization, it is essential to gain the backing and sponsorship of the executive management.

It helps define the supporting infrastructure and services capability.

ISO is complemented by two other standards providing control objectives for information security aspects of business continuity management to further reduce risk: This includes having a qualified staff, the capacity to support simultaneous invocations of DR plans by different organizations, all capabilities and services offered to organizations audited on a regular basis, and their own fully documented and tested business continuity, including Disaster Recovery, and plans in place.

It also allows organizations to make an informed selection of employees or services based on the competencies that are represented by the certification designation.

Outsourced service provider's capability

Outsourced ICT DR service providers should provide the basic service capabilities required by organizations.

Guidelines for information and communications technology disaster recovery services.

The standard incorporates the cyclical PDCA approach, extending the conventional business continuity planning process to take greater account of ICT. In planning for business continuity, the fallback arrangements for information processing and communication facilities become beneficial during periods of minor outages and essential for ensuring information and service availability during a disaster or failure for the complete recovery of activities over a period of time.

These include building construction, security measures, provision of infrastructure services such as power, water and telecommunications, and environmental controls.