I'm implementing ISMS framework for my company.
All the critical applications for critical processes are hosted on the cloud.
Clause 17 of ISO27001 requires Information Security aspects of Business Continuity management.
We don't have BCP/ DR plans in place.
Now clause 17 only focuses on ensuring Info Security arrangements in case of BCP & DR. So my question is - do I've to prepare full BCP/ DR plans to comply with the clause 17 requirements? Or is there any alternative for it? Please guide.