Guest user Created: Jan 12, 2016 Last commented: Jan 12, 2016

Control 17.2 Redundancies

I have confusion regarding the Control 17.2 Redundancies. In my ISMS scope, it covers all monitoring systems (EMS - Element Monitoring System) which reside in data centre. total approximately 20 EMSs. but not all EMS have redundancy. for EMS that have no redundancy, the existing recovery plan is only retrieve the backup file. does this plan sufficient to meet the requirement for control 17.2?

0 0

Assign topic to the user

Select user

Guest

DejanK Jan 12, 2016

The main issue in business continuity is timing, or to be more precise the recovery time objective (RTO). If the RTO is couple of hours, you will be able to retrieve your EMS from the backup file; if RTO is couple of minutes you won't be able to do it from backup, which means you will need to have something more than the backup.

RTO is determine through a process called business impact analysis - read more in this article: How to implement business impact analysis (BIA) according to ISO 22301 https://advisera.com/27001academy/knowledgebase/how-to-implement-business-impact-analysis-bia-according-to-iso-22301/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Jan 12, 2016

Expert Advice Community