Do we need to make a business continuity procedure or documents if we just want to have ISO 27001 cert? Because every time I study ISO 27001, business continuity is there in the discussion.
Answer:
ISO 27001 talks about Business Continuity, and it is an important point in the Annex A of the standard (domain "A.17 Information security aspects of business continuity management"). But you can implement only a Disaster Recovery Plan (DRP) as a minimum to be compliant with A.17.1.2 and A.17.2.1 of the ISO 27001:2013, which is more related to the recovery of the IT infrastructure. Finally, keep in mind that your DRP should be based on the results of the risk assessment.
To see the differences between a Business Continuity Plan and a Disaster Recovery Plan in more detail, see this article, Disaster recovery vs Business continuity: https://advisera.com/27001academy/blog/2010/11/04/disaster-recovery-vs-business-continuity/
Our Disaster Recovery Plan template may also be of interest to you: https://advisera.com/27001academy/documentation/disaster-recovery-plan/
Jan 12, 2016