Assign topic to the user
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more 
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
Please guide me what to do in this situation. Pleas note that scope of this project was the entire organization .
Answer: Fortunately, you have many approaches you can consider for performing BCP tests, which varies considering effort, resource allocation, and required confidence on tests results:
Desk check – checking the plans by means of auditing, validation, and verification techniques
Plan walk-through – checking the plans by means of team interaction
Functional testing – testing all interrelated plans for selected activities (including supplier procedures) with real resources in a controlled (announced) exercise.
Full testing – all activities are relocated from the original site to the alternative site (announced or unannounced)
Since you are doing this for the first time, I suggest you to start with Desk check and prepare a plan defining when other tests can be performed. This way you can ensure a gradual increase in tests effort, while all people involved will gain confidence in the plan and in their skills to perform it, and at the same time you can provide the required corrective and preventive actions.
This article will provide you further explanation about BCP tests:
- How to perform business continuity exercising and testing according to ISO 22301: https://advisera.com/27001academy/blog/2015/02/02/how-to-perform-business-continuity-exercising-and-testing-according-to-iso-22301/
Comment as guest or Sign in
Jul 26, 2017