The standard encompasses all events and incidents (not just information security related) that could have an impact on ICT infrastructure and systems. It therefore extends the practices of information security incident handling and management, ICT readiness planning and services.
ICT Readiness for Business Continuity (IRBC) supports Business Continuity Management (BCM) “by ensuring that the ICT services are as resilient as appropriate and can be recovered to pre-determined levels within timescales required and agreed by the organization.”
ICT readiness should of course reduce the impact (meaning the extent, duration and/or consequences) of information security incidents on the organization.
The standard incorporates the cyclical PDCA approach, extending the conventional business continuity planning process to take greater account of ICT. It incorporates ‘failure scenario assessment methods’ such as FMEA (Failure Modes and Effects Analysis), with a focus on identifying ‘triggering events’ that could precipitate more or less serious incidents.
Owner
Standardisation body
Contact information
Published on
Last update
Status
Completed
Only facilitators and authors can create content.
Moderated