Backup control
Assign topic to the user
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more 
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
Answer: ISO 27001 control A.12.3.1 - Information Backup requires the implementation of:
- a backup policy, for definition of backup requirements considering information, software and systems, as well as requirements for retention and protection of backup media.
- facilities with capability to ensure information and software recovery following a disaster or media failure.
- procedures for backup, recovery and testing procedures, as well as how to act in case of one of these procedures fail.
- a backup schedule, considering what to backup, the frequency, the type of backup (e.g. full or differential backup), all considering business needs.
It is important to note that all these definitions should be aligned with existent business continuity plans.
This article will provide you further explanation about Backup control:
- Backup policy – How to determine backup frequency https: / /advisera.com/27001academy/blog/2013/05/07/backup-policy-how-to-determ ine-backup-frequency/
This material will also help you regarding Backup control:
- ISO 27001 Annex A Controls in Plain English https://advisera.com/books/iso-27001-annex-controls-plain-english/
Comment as guest or Sign in
Apr 22, 2017