Ransomware recovery plan
We are looking for a template for a ransomware recovery plan for business continuity.
Kindly confirm if you have such templates or anything related.
Assign topic to the user
You can develop a business continuity plan for a ransomware event by using the Business Continuity Plan template, and related appendices. These templates are included in folder 10 ISO 22301 Core Business Continuity Documents.
The ransomware recovery plan is basically the same as a recovery plan for some other scenarios and you should use the Disaster Recovery Plan for that purpose.
Common practices to be considered for a business continuity plan for ransomware are:
- format and reinstall of affected servers
- recovering data from backups
Additionally, some preventive actions should be considered:
- Training and awareness sessions about ransomware, to be included in the Training and awareness plan, located in folder 10 Training and awareness
- Event monitoring, to be included in the Secure procedures for IT department, located in folder 9 Annex A Security controls
- Patch management, to be included in the Secure procedures for IT department, located in folder 9 Annex A Security controls
For further information, see:
- How can ISO 27001 help protect your company against ransomware? https://advisera.com/27001academy/blog/2016/11/14/how-can-iso-27001-help-protect-your-company-against-ransomware/
- Free Security Awareness Training: https://advisera.com/training/awareness-session/security-awareness-training/ - this is a series of 25 videos that cover various topics related to security.
Comment as guest or Sign in
Feb 15, 2023