Get 4 FREE months of Conformio to implement ISO 27001

Expert Advice Community

Guest

Business Continuity vs Disaster Recovery

  Quote
Guest
Guest user Created:   Jan 12, 2016 Last commented:   Jan 12, 2016

Business Continuity vs Disaster Recovery

0 0

Assign topic to the user

ISO 22301 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 22301 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Guest
AntonioS Jan 12, 2016

Do we need to make business continuity procedure or documents if we just want to have ISO 27001 cert? Because every time i study ISO 27001, Business continuity is there in the discussion.

 

Answer:

ISO 27001 talks about Business Continuity, and it is an important point in the Annex A of the standard (domain "A.17 Information security aspects of business continuity management"). But you can implement only a Disaster Recovery Plan (DRP) as a minimum to be compliant with A.17.1.2 and A.17.2.1 of the ISO 27001:2013, which is more related to the recovery of the IT infrastructure. Finally, keep in mind that your DRP should be based on the results of the risk assessment.
To see more in detail the differences between Business Continuity Plan and the Disaster Recovery Plan, you can see this article “Disaster recovery vs Business continuity” : https://advisera.com/27001academy/blog/2010/11/04/disaster-recovery-vs-business-continuity/
An d also can be interesting for you our template “Disaster Recovery Plan” : https://advisera.com/27001academy/documentation/disaster-recovery-plan/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 12, 2016

Jan 12, 2016