top of page

life-is-patissier_新グループ

公開·2名のメンバー
Mateo Collins
Mateo Collins

IEC INTERNATIONAL 27031 STANDARD.pdf ##HOT##


ISO/IEC 27031:2011 describes the concepts and principles of information and comunication technology (ICT) readiness for business continuity, and provides a framework of methods and processes to identify and specify all aspects (such as performance criteria, design, and implementation) for improving an organization's ICT readiness to ensure business continuity. It applies to any organization (private, governmental, and non-governmental, irrespective of size) developing its ICT readiness for business continuity program (IRBC), and requiring its ICT services/infrastructures to be ready to support business operations in the event of emerging events and incidents, and related disruptions, that could affect continuity (including security) of critical business functions. It also enables an organization to measure performance parameters that correlate to its IRBC in a consistent and recognized manner.




IEC INTERNATIONAL 27031 STANDARD.pdf



The scope of ISO/IEC 27031:2011 encompasses all events and incidents (including security related) that could have an impact on ICT infrastructure and systems. It includes and extends the practices of information security incident handling and management and ICT readiness planning and services.


ISO/IEC 27031 was originally intended to be a multi-part standard but changed to two parts (a formal specification plus a guideline) and finally produced a single part (just the guideline) which was published in 2011.


ISO 27031 is applicable to any organization requiring its ICT services and infrastructures to be ready to support business operations in the event of disruption. It also allows an organization to assess if performance parameters correlate to its IRBC in a consistent and recognized manner.


The scope of ISO 27031 encompasses all events and incidents that could have an impact on ICT infrastructure and systems in organizations of all kinds (whether private, governmental or non-governmental) and regardless of size. It includes and extends the practices of information security incident handling and management and ICT readiness planning and services.


A disaster recovery plan (DRP) details all the actions you, your management team, and your personnel must take to make sure your employees and your business are safe. Depending on the size and complexity of your business or organization, you may want to have a DRP for each department which the managers retain copies of at all times. The managers may be responsible for adapting and revising these plans regularly or when necessary to stay abreast of current ISO standards like ISO 27031 and other business and safety standards.


In addition, ISO 27031 requires the following processes be defined and included in your DRP: a website disaster planning form, a work plan, an audit plan, preventative measures, an incident communication plan, a social networking checklist, and a pandemic checklist.