SPRING DISCOUNT
Get 30% off on toolkits, course exams, and Conformio yearly plans.
Limited-time offer – ends April 25, 2024
Use promo code:
SPRING30

Expert Advice Community

Backup/Restore test evidence

  Quote
Created:   Apr 04, 2019 Last commented:   Apr 07, 2019

Backup/Restore test evidence

Hi, i was wondering what evidence a auditor would be looking for when reviewing a Backup/Restore test as advised in A.12.3? Would screenshots, a step by step procedure be sufficient? Thanks in advance.
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Apr 07, 2019

Answer:

Examples of evidences for Backup/Restore test are:
- A filled form or screenshot identifying which information was requested to be backed up, the requester, the date of request, the date when the backup was performed, the result of the backup procedure (successful / fail) and where the backup was stored.
- A general schedule of the backup to be performed, identifying which information is planned to be backed up, the requester, the dates planned for backup, and where the backup must be stored
- A filled form or screenshot identifying which information was requested to be restored, the requester, the date of request, the date when the restore was performed, and the result of the restore procedure (successful / fail)

A backup procedure can't be used as evidence, because it is the starting point from which the auditor will verify if what was planned is being executed, so the backup procedure by itself is not enough.

This article will provide you further ex planation about backup:
- Backup policy – How to determine backup frequency https://advisera.com/27001academy/blog/2013/05/07/backup-policy-how-to-determine-backup-frequency/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Apr 04, 2019

Apr 07, 2019