ISO 24762 PDF

Information Technology – Security Techniques – Guidelines for Information and Communications Technology Disaster Recovery Services. ISO/IEC. First edition. ISO defines requirements for implementing, operating, monitoring and maintaining ICT disaster recovery services for ICT disaster recovery and ICT.

Author: Digal JoJoll
Country: Algeria
Language: English (Spanish)
Genre: Art
Published (Last): 1 February 2016
ISBN: 648-8-62310-194-1

Guidelines for information and communications technology disaster recovery services.

Resilience controls including widely-applicable and sound engineering concepts such as redundancy, robustness and flexibility ensure that vital business operations are not materially degraded or halted by incidents – they keep right on running. If the guidelines are followed, there will be assurance that the ICT DR services have been implemented after due consideration of unforeseen events that could affect the ability to fulfill service obligations, and related risk mitigation via prior arrangement with other service providers in the industry.

Information security risk management BS ISO is complemented by two other standards providing control objectives for information security aspects of business continuity management to further reduce risk:

There are two main categories of disasters: Guidelines for information and communications technology disaster recovery services. Examples of such organization requirements may include special encryption software and secured operation procedures, equipment, knowledgeable personnel and application documentation.

The standard incorporates the cyclical PDCA approach, extending the conventional business continuity planning process to take greater account of ICT. Resilience in the information risk and security context is about the organization being able to bend rather than break.

Personal comments: It is unclear how valuable this standard is, given that ISO does such a good job in this area. Although this standard mentions resilience to as well as recovery from disastrous situations (and it will be part of the title at the next release), the 2476 on resilience is light, perhaps because of the strange definition: ISO focuses on recovering operations during and after the loss, meanwhile ISO on processes in preparation for handling a disaster.


With ISO, organizations will be able to build resilience into their information and communications technology infrastructure critical to their key business activities. Service providers should continuously improve their service through the following:

Besides covering basic physical facility requirements, requirements for environmental controls, telecommunications, continuous power supply and non-recovery amenities such as parking and accessibility to food and drinks also need to be considered.

ISO 24762 for IT Disaster Recovery

ICT DR service provision, irrespective of whether it is provided in-house or outsourced, should follow best practice guidelines as outlined in this clause. That control objective is supported by controls to be selected and implemented as part of the Sio process. It serves to demonstrate that the certified professional holds defined competencies based on best practices.

This includes having qualified staff, the capacity to support simultaneous invocations of DR plans by different organizations, all capabilities and services offered to organizations audited on a regular basis, and their own documented and tested business continuity, including Disaster Recovery, and plans in place.


Selection of recovery sites. When an organization implements an ISMS, the risks of interruptions to business activities for any reason should always be identified.


There is also guidance on selecting a recovery site and advice on continuous service improvement. According to ISO, business continuity management is an integral part of any holistic risk management process and involves: As with all major undertakings within an organization, it is essential to gain the backing and sponsorship of the executive management.

Information security management is the process by which management aims to achieve effective confidentiality, integrity and availability of information and service.

ISO for IT Disaster Recovery – Whittington & Associates

Is it really that hard? It covers a broad range of issues that vendors should address to ensure their service offerings are protected. The fallback arrangements included in the standard will help out during periods of minor outages and, more importantly, will play an essential role in ensuring information and service availability during a disaster or failure, and for a long-term complete recovery of activities. This linkage may support the establishment of IRBC and also avoid any dual processes for the organization.

The standard encompasses all events and incidents not just information security isso that could have an impact on ICT infrastructure and systems.

Planning for Disaster Recovery is the key aspect that differentiates organizations that can manage crises with minimal cost and effort, and maximum speed, from those that are willing to pay whatever cost for their recovery and that are forced to make decisions out of desperation.