Aspects of business continuity management

Objective: To counteract interruptions to business activities and to protect critical business processes from the effects of major failures of information systems or disasters and to ensure their timely resumption.

A business continuity management process should be implemented to reduce the disruption caused by disasters and security failures to an acceptable level through a combination of preventative and recovery controls.

Including information security in the business continuity management process

There should be a managed process in place for developing and maintaining business continuity throughout the organisation that addresses the organisational information security requirements.

Business continuity and risk assessment

Owners of business resources and processes should identify the impacts of a number of events that could cause interruptions to their business processes and a strategy be developed to determine the overall approach to business continuity.

Developing and implementing continuity plans including information security.

Plans should be developed to maintain or restore business operations in the required time scales identified by the business following and interruption to, or failure of, critical services.

Business continuity planning framework

A single framework of business continuity plans should be maintained to ensure that all plans are consistent.

Testing, maintaining and re-assessing business continuity plans

Business continuity plans should be regularly tested and maintained.

An Introduction To Information, Network and Internet Security
Aspects of business continuity management Objective: To counteract interruptions to business activities and to protect critical business processes from the effects of major failures of information systems or disasters and to ensure their timely resumption. A business continuity management process should be implemented to reduce the disruption caused by disasters and security failures to an acceptable level through a combination of preventative and recovery controls. Including information security in the business continuity management process There should be a managed process in place for developing and maintaining business continuity throughout the organisation that addresses the organisational information security requirements. Business continuity and risk assessment Owners of business resources and processes should identify the impacts of a number of events that could cause interruptions to their business processes and a strategy be developed to determine the overall approach to business continuity. Developing and implementing continuity plans including information security. Plans should be developed to maintain or restore business operations in the required time scales identified by the business following and interruption to, or failure of, critical services. Business continuity planning framework A single framework of business continuity plans should be maintained to ensure that all plans are consistent. Testing, maintaining and re-assessing business continuity plans Business continuity plans should be regularly tested and maintained.	The Security Practitioner An Introduction to Information Security
Return To An Introduction to Information Security