Take the ISO 27001 course exam and get the
EU GDPR exam for free
LIMITED-TIME OFFER – ENDS SEPTEMBER 28, 2023

Expert Advice Community

Disaster Recovery and Business Continuity Testing

  Quote
Katie W Created:   Jan 13, 2023 Last commented:   Jan 17, 2023

Disaster Recovery and Business Continuity Testing

Hello,

Within ISO is there any stated requirement of how often you should test your back-ups, sequel data bases, etc..  Annually, quarterly, yearly?  Also, for BC testing and exercises?  

 

Thank you,

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Jan 17, 2023

Considering the most used standards for these topics (ISO 27001 for information security and ISO 22301 for business continuity), these standards do not prescribe how often testing and exercises should be taken.

To comply with these standards, you need to perform a risk assessment and identify applicable legal requirements to define the proper frequency for these testing and exercises.

In case your risk assessment and requirements do not provide a proper reference, you can try starting with these suggestions:

  • testing backups and sequel databases - e.g., once a quarter
  • BC testing and exercises - e.g., once a year

For further information, see:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 13, 2023

Jan 17, 2023