LIVE VIRTUAL TRAININGS
Learn in small groups from top experts and real-life examples

Expert Advice Community

Guest

Applicability of control

  Quote
Guest
Guest user Created:   Apr 12, 2018 Last commented:   Apr 12, 2018

Applicability of control

The Dutch documentation set lists a.17 Rampen Opvang Plan (Disaster Recovery Plan) as mandatory. In the Declaration of Applicability, I have listed that making an appropriate backup plan is applicable. We have that backup plan in a separate document. Do you still think I should have a disaster recovery plan, or is that more for the business continuity standard?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Apr 12, 2018

Answer: Controls from section A.17 requires more than a plan to be fulfilled (e.g., control A.17.1.2 requires processes, procedures and other controls for maintaining adequate level of continuity), so only a backup plan is not going to be enough to the requirements of section A.17 and you must consider the devrlopmrnte of a Disaster Recovery Plan.

This article will provide you further explanation about controls selection:
- The basic logic of ISO 27001: How does information security work? https://advisera.com/27001academy/knowledgebase/the-basic-logic-of-iso-27001-how-does-inf ormation-security-work/

This material will also help you regarding controls selection:
- Free online training ISO 27001 Foundations Course https://training.advisera.com/course/iso-27001-foundations-course/
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Apr 12, 2018

Apr 12, 2018

Suggested Topics

Guest user Created:   Feb 20, 2018 ISO 27001 & 22301
Replies: 1
0 0

Applicability of controls

Guest user Created:   Feb 13, 2018 ISO 27001 & 22301
Replies: 1
0 0

Applicability of controls