ISO 22301 and Disaster Recovery Plan
Why does ISO 22301 Not talk about aligning with a DRP process? we live in a digital world and to recover requires a strong DRP and also a link to a Crisis management center either virtual or real? none of the standard means anything without an IT Disaster recovery program and DRP site to make it happen.
Assign topic to the user
As a management system standard, ISO 22301:2019 does not prescribe how to achieve business continuity, only what needs to be achieved.
Considering that, clause 8.4.5 (recovery) requires documented processes to restore and return business activities to regular operation after a disruption. Implementation of these requirements in most cases is achieved through IT Disaster recovery program and DRP site, but this is not mandatory, because organizations may decide for a different approach (e.g., some small percentage of low-tech companies might be able to recover without using computers).
This article will provide you further explanation about Disaster Recovery Plan:
- Disaster recovery vs Business continuity https://advisera.com/27001academy/blog/2010/11/04/disaster-recovery-vs-business-continuity/
Comment as guest or Sign in
Nov 12, 2019