Expert Advice Community

Guest

ISMS framework

  Quote
Guest
Guest user Created:   Aug 05, 2020 Last commented:   Aug 05, 2020

ISMS framework

I'm implementing ISMS framework for my company.
All the critical applications for critical processes are hosted on the cloud.
Clause 17 of ISO27001 requires Information Security aspects of Business Continuity management.
We don't have BCP/ DR plans in place.
Now clause 17 only focuses on ensuring Info Security arrangements in case of BCP & DR. So my question is - do I've to prepare full BCP/ DR plans to comply with the clause 17 requirements? Or is there any alternative for it? Please guide.

0 0

Assign topic to the user

Assign

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Aug 05, 2020

ISO 27001 aspects on the business continuity process (section A.17 from ISO 27001 Annex A) are related to ensuring the availability of information and information systems during either crisis or disaster situations, so a full Business Continuity Plan is not mandatory for this standard, and you will only need the DRP.

To see how a DRP compliant with ISO 27001 looks like, I suggest you take a look at the free demo of our Disaster Recovery Plan at this link: https://advisera.com/27001academy/01academy/emy/ademy/my/documentation/disaster-recovery-plan/

This article will provide you a further explanation about DRP and BCP:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Aug 05, 2020

Aug 05, 2020

Suggested Topics

rijal Created:   Sep 10, 2020 ISO 27001 & 22301
Replies: 1
0 0

ISMS Framework vs IS Policy

Guest user Created:   Jun 09, 2020 ISO 27001 & 22301
Replies: 1
0 0

ISO 27001: ISMS