Expert Advice Community

Guest

Distance of recovery site

  Quote
Guest
Guest user Created:   Nov 21, 2017 Last commented:   Nov 21, 2017

Distance of recovery site

Is in ISO 22301 mentioned any specific kilometer distance between the fail-over data centers ? I Know that the selection of DC location/provider is a complex thing and many things are to be considered, but the people (mangers) are kind of discussing all over again a Number X or Y. If there would be some concrete number in ISO 22301 (or PCI-DSS or another ISO/??? market/industry relevant/authoritative document, the discussion could be over). Please advice.
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Nov 21, 2017

Answer: ISO 22301 and most regulations and industry practices do not define any specific distance to recovery sites because, as you mention, many factors can affect what would be considered a "safe" distance. From our experience I suggest you to start the discussion suggesting a distance between 30 miles (50 kilometers) and 100 miles (160 kilometers) away from your primary location and from that analyse your organization's context (geographic situation, available resources, required investment, etc.).

This article will provide you further explanation about distance of recovery site:
- Dis aster recovery site – What is the ideal distance from primary site? https://advisera.com/27001academy/knowledgebase/disaster-recovery-site-what-is-the-ideal-distance-from-primary-site/

This material will also help you regarding distance of recovery site:
- Book Becoming Resilient: The Definitive Guide to ISO 22301 Implementation https://advisera.com/books/becoming-resilient-the-definitive-guide-to-iso-22301-implementation/
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Nov 21, 2017

Nov 21, 2017