Content library
Continuity management
Establishing a crisis management team and process
Risk management and leadership
Continuity management

Establishing a crisis management team and process

Start free trial

Task description

Establishing a crisis management team and process

The organisation should establish and maintain a comprehensive crisis management framework. This involves implementing methods to detect potential crisis situations by identifying general indicators and specific predictable crises, along with clear procedures for invoking and escalating crisis management when necessary. Strategic goals and priorities must be defined, focusing on ethical considerations for example:

  • protecting life and health
  • safeguarding core business processes
  • ensuring appropriate information security

A dedicated crisis management team should be formed, including representatives from all major organizational functions, with defined structures, roles, competencies, expectations, authority, and decision-making procedures.

Crisis management policies and procedures need to be developed and approved, encompassing exceptional authorities and decision-making processes, communication methods, emergency operating procedures, and organizational structures for reporting, information gathering, and decision-making.

The entire crisis management plan should be reviewed and updated regularly to ensure its ongoing effectiveness and relevance.

Requirements connected to the task

1.6.3: Crisis preparedness
TISAX: Information security
13.2: Resilience Plan
CER Directive
13.6: Prioritering af retablering af infrastruktur
Cybersikkerhedsloven (Danmark)
13.7: Prioritering af forbindelser og tjenester ved kapacitetsproblemer
Cybersikkerhedsloven (Danmark)
15.2.γ: Επιχειρησιακή συνέχεια και αντίγραφα ασφαλείας
Εθνική αρχή για την ασφάλεια στον κυβερνοχώρο και άλλες διατάξεις (Ελλάδα)
30.3: Aufrechterhaltung des Betriebs
NIS2-Umsetzungs- und Cybersicherheitsstärkungsgesetz (Deutschland)
4.3.2: Determine whether the incident is under control and take the necessary reactive measures
NSM ICT Security Principles (Norway)
RC.RP-02: Recovery actions
NIST CSF 2.0

Other tasks from the same security theme

Task name
Priority
Policy
Other requirements
Notifying the system provider of deviations from data system requirements
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

6.2b: Häiriöiden hallinta ja menettelyt ongelmatilanteissa
Tietoturvasuunnitelma
See all related requirements and other information from tasks own page.
Go to >
Notifying the system provider of deviations from data system requirements
Preparation of contingency plans based on risk assessments
Critical
High
Normal
Low
Continuity management
2
requirements

Examples of other requirements this task affects

13 a §: Häiriötilanteista tiedottaminen ja varautuminen häiriötilanteisiin
TiHL
2.7: Varautuminen häiriötilanteisiin
TiHL tietoturvavaatimukset
See all related requirements and other information from tasks own page.
Go to >
Preparation of contingency plans based on risk assessments
Creating and documenting continuity plans
Critical
High
Normal
Low
Continuity management
64
requirements

Examples of other requirements this task affects

Članak 30.1.c: Kontinuitet poslovanja
NIS2 Croatia
2.7: Varautuminen häiriötilanteisiin
TiHL tietoturvavaatimukset
9.10 §: Varmuuskopiointi ja jatkuvuuden hallinta
Kyberturvallisuuslaki
5.2.8: IT service continuity planning
TISAX
1.6.3: Crisis preparedness
TISAX
See all related requirements and other information from tasks own page.
Go to >
Creating and documenting continuity plans
Risk tolerance reassessment plan
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Risk tolerance reassessment plan
Involving users and interdependent institutions in continuity testing (central securities depository)
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Involving users and interdependent institutions in continuity testing (central securities depository)
Involving clearing members and interdependent institutions in continuity testing (central counterparty)
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Involving clearing members and interdependent institutions in continuity testing (central counterparty)
Testing switching to backup and redundant infrastructure
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Testing switching to backup and redundant infrastructure
Includin third-party providers in continuity testing
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Includin third-party providers in continuity testing
Defining criteria for activation and deactivation of continuity plans
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Defining criteria for activation and deactivation of continuity plans
Creating and maintaining a continuity management policy
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Creating and maintaining a continuity management policy
Conducting vulnerability and impact analysis for critical infrastructure
Critical
High
Normal
Low
Continuity management
2
requirements

Examples of other requirements this task affects

Art. 13.3.3: Analyse de la vulnérabilité et de l'impact
Loi infrastructures critiques
§ 11: Fysiske sikkerhetstiltak
NIS2 NO
See all related requirements and other information from tasks own page.
Go to >
Conducting vulnerability and impact analysis for critical infrastructure
Resilient design of the public warning system
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

13.4: Sikring af udsendelse af offentlige advarsler
NIS2 Denmark
See all related requirements and other information from tasks own page.
Go to >
Resilient design of the public warning system
Conducting digital operational resilience testing
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

Article 24: General requirements for the performance of digital operational resilience testing
DORA
See all related requirements and other information from tasks own page.
Go to >
Conducting digital operational resilience testing
Process for checking integrity of data after an incident
Critical
High
Normal
Low
Continuity management
3
requirements

Examples of other requirements this task affects

Article 12: Backup policies and procedures, restoration and recovery procedures and methods
DORA
RC.RP-05: Integrity of restored assets is verified, systems and services
NIST 2.0
13.1.d: Recovering from incidents
CER
See all related requirements and other information from tasks own page.
Go to >
Process for checking integrity of data after an incident
Ensuring the reliability of data systems
Critical
High
Normal
Low
Continuity management
7
requirements

Examples of other requirements this task affects

6.2a: Jatkuvuuden hallinta
Tietoturvasuunnitelma
Article 7: ICT systems, protocols and tools
DORA
Article 9b: Prevention
DORA
4.1: Tietojärjestelmien tietoturvallisuus
TiHL tietoturvavaatimukset
RC.RP-1: Recovery plan is executed during or after a cybersecurity incident.
CyberFundamentals
See all related requirements and other information from tasks own page.
Go to >
Ensuring the reliability of data systems
Regular testing and review of continuity plans
Critical
High
Normal
Low
Continuity management
57
requirements

Examples of other requirements this task affects

Članak 30.1.c: Kontinuitet poslovanja
NIS2 Croatia
9.10 §: Varmuuskopiointi ja jatkuvuuden hallinta
Kyberturvallisuuslaki
5.2.8: IT service continuity planning
TISAX
30 § 3.3°: La continuité et la gestion des crises
NIS2 Belgium
4.1.6: Test and rehearse the plans regularly so that they are established
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Regular testing and review of continuity plans
Addressing disasters in continuity planning
Critical
High
Normal
Low
Continuity management
28
requirements

Examples of other requirements this task affects

1.6.3: Crisis preparedness
TISAX
30 § 3.3°: La continuité et la gestion des crises
NIS2 Belgium
RC.RP-1: Recovery plan is executed during or after a cybersecurity incident.
CyberFundamentals
PR.IP-9: Response plans (Incident Response and Business Continuity) and recovery plans (Incident Recovery and Disaster Recovery) are in place and managed.
CyberFundamentals
14.5.4): Veiklos tęstinumą
NIS2 Lithuania
See all related requirements and other information from tasks own page.
Go to >
Addressing disasters in continuity planning
Considering cyber security breaches in continuity planning
Critical
High
Normal
Low
Continuity management
12
requirements

Examples of other requirements this task affects

PR.IP-9: Response and recovery plans
NIST
RS.MI-2: Incident mitigation
NIST
RC.RP-1: Recovery plan
NIST
RC.RP: Recovery Planning
NIST
2.7: Varautuminen häiriötilanteisiin
TiHL tietoturvavaatimukset
See all related requirements and other information from tasks own page.
Go to >
Considering cyber security breaches in continuity planning
Testing and reviewing continuity plans related to cyber security breaches
Critical
High
Normal
Low
Continuity management
9
requirements

Examples of other requirements this task affects

PR.IP-10: Response and recovery plan tests
NIST
RS.IM-2: Response strategies update
NIST
RC.IM-2: Recovery strategies
NIST
Article 11: Response and recovery
DORA
2.7: Varautuminen häiriötilanteisiin
TiHL tietoturvavaatimukset
See all related requirements and other information from tasks own page.
Go to >
Testing and reviewing continuity plans related to cyber security breaches
Developing an incident response plan for critical information systems
Critical
High
Normal
Low
Continuity management
23
requirements

Examples of other requirements this task affects

RS.RP: Response Planning
NIST
RS.RP-1: Incident response plan
NIST
HAL-17: Tietojärjestelmien toiminnallinen käytettävyys ja vikasietoisuus
Julkri
VAR-09: Tietojärjestelmien toipumissuunnitelmat
Julkri
CC7.4: Responding to identified security incidents
SOC 2
See all related requirements and other information from tasks own page.
Go to >
Developing an incident response plan for critical information systems
Communication in accordance with the incident response plan in the event of a incident
Critical
High
Normal
Low
Continuity management
17
requirements

Examples of other requirements this task affects

RS.CO-3: Information sharing
NIST
32: Viestintäsuunnitelma häiriö- ja kriisitilanteisiin
Digiturvan kokonaiskuvapalvelu
RESPONSE-3: Respond to Cybersecurity Incidents
C2M2
Article 14: Communication
DORA
Article 17: ICT-related incident management process
DORA
See all related requirements and other information from tasks own page.
Go to >
Communication in accordance with the incident response plan in the event of a incident
Executing an incident response plan with stakeholders
Critical
High
Normal
Low
Continuity management
6
requirements

Examples of other requirements this task affects

RS.CO-4: Coordination with stakeholders
NIST
RS.RP-1: Response plan is executed during or after an incident.
CyberFundamentals
RS.CO-4: Coordination with stakeholders occurs consistent with response plans.
CyberFundamentals
RS.MA-01: Incident response plan execution
NIST 2.0
See all related requirements and other information from tasks own page.
Go to >
Executing an incident response plan with stakeholders
Palveluntarjoajien siirtojen huomiointi jatkuvuussuunnitelmissa
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

VAR-02.1: Jatkuvuusvaatimusten määrittely - palveluiden siirrot
Julkri
See all related requirements and other information from tasks own page.
Go to >
Palveluntarjoajien siirtojen huomiointi jatkuvuussuunnitelmissa
Continuity of critical tasks in exceptional situations
Critical
High
Normal
Low
Continuity management
10
requirements

Examples of other requirements this task affects

VAR-05: Henkilöstön saatavuus ja varajärjestelyt
Julkri
Article 11: Response and recovery
DORA
2.7: Varautuminen häiriötilanteisiin
TiHL tietoturvavaatimukset
1.6.3: Crisis preparedness
TISAX
Article 13.1(.2.h): Availability
CRA
See all related requirements and other information from tasks own page.
Go to >
Continuity of critical tasks in exceptional situations
Palveluriippuvuuksien huomiointi vikasietoisuuden suunnittelussa
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

VAR-08.1: Vikasietoisuus - riippuvuudet
Julkri
See all related requirements and other information from tasks own page.
Go to >
Palveluriippuvuuksien huomiointi vikasietoisuuden suunnittelussa
Identifying and testing the continuity capabilities required from ICT services
Critical
High
Normal
Low
Continuity management
12
requirements

Examples of other requirements this task affects

5.30: ICT readiness for business continuity
ISO 27001
6.2a: Jatkuvuuden hallinta
Tietoturvasuunnitelma
Article 11: Response and recovery
DORA
Article 12: Backup policies and procedures, restoration and recovery procedures and methods
DORA
5.2.8: IT service continuity planning
TISAX
See all related requirements and other information from tasks own page.
Go to >
Identifying and testing the continuity capabilities required from ICT services
Ensuring and testing the resilience of data processing environment
Critical
High
Normal
Low
Continuity management
6
requirements

Examples of other requirements this task affects

8.14: Redundancy of information processing facilities
ISO 27001
4.3: Vikasietoisuuden ja toiminnallisen käytettävyyden testaus
TiHL tietoturvavaatimukset
ID.BE-5: Resilience requirements to support delivery of critical services are established for all operating states (e.g. under duress/attack, during recovery, normal operations).
CyberFundamentals
2.2.7: Establish a robust and resilient ICT architecture
NSM ICT-SP
PR.IR-03: Meeting resilience requirements
NIST 2.0
See all related requirements and other information from tasks own page.
Go to >
Ensuring and testing the resilience of data processing environment
Identifying critical functions and related assets
Critical
High
Normal
Low
Continuity management
22
requirements

Examples of other requirements this task affects

26: Kriittisten toimintojen tunnistaminen
Digiturvan kokonaiskuvapalvelu
72: Organisaation kriittisten palveluiden tunnistaminen
Digiturvan kokonaiskuvapalvelu
73: Kriittisten palveluiden riippuvuudet palvelutoimittajista
Digiturvan kokonaiskuvapalvelu
ASSET-1: Manage IT and OT Asset Inventory
C2M2
6.2a: Jatkuvuuden hallinta
Tietoturvasuunnitelma
See all related requirements and other information from tasks own page.
Go to >
Identifying critical functions and related assets
Ensuring coverage of critical scenarios and aspects in continuity plans
Critical
High
Normal
Low
Continuity management
3
requirements

Examples of other requirements this task affects

5.2.8: IT service continuity planning
TISAX
Article 39: Components of the ICT business continuity plan
DORA simplified RMF
Art. 13.3.2: Analyse des risques
Loi infrastructures critiques
See all related requirements and other information from tasks own page.
Go to >
Ensuring coverage of critical scenarios and aspects in continuity plans
Establishing a crisis management team and process
Critical
High
Normal
Low
Continuity management
8
requirements

Examples of other requirements this task affects

1.6.3: Crisis preparedness
TISAX
4.3.2: Determine whether the incident is under control and take the necessary reactive measures
NSM ICT-SP
RC.RP-02: Recovery actions
NIST 2.0
15.2.γ: Επιχειρησιακή συνέχεια και αντίγραφα ασφαλείας
NIS2 Greece
30.3: Aufrechterhaltung des Betriebs
NIS2 Germany
See all related requirements and other information from tasks own page.
Go to >
Establishing a crisis management team and process
Requirements about information security continuity
Critical
High
Normal
Low
Continuity management
8
requirements

Examples of other requirements this task affects

17.1.1: Planning information security continuity
ISO 27001
VAR-02: Jatkuvuusvaatimusten määrittely
Julkri
5.29: Information security during disruption
ISO 27001
24: Jatkuvuudenhallinnan kuvaus
Digiturvan kokonaiskuvapalvelu
RC.RP-04: Critical mission functions and cybersecurity risk management
NIST 2.0
See all related requirements and other information from tasks own page.
Go to >
Requirements about information security continuity
Defining the organization's continuity strategy
Critical
High
Normal
Low
Continuity management
9
requirements

Examples of other requirements this task affects

VAR-03: Jatkuvuussuunnitelmat
Julkri
24: Jatkuvuudenhallinnan kuvaus
Digiturvan kokonaiskuvapalvelu
Article 11: Response and recovery
DORA
5.2.8: IT service continuity planning
TISAX
28.(1): Kiberriska pārvaldības un nepārtrauktības plāni
NIS2 Latvia
See all related requirements and other information from tasks own page.
Go to >
Defining the organization's continuity strategy
Communication to stakeholders on continuity plans
Critical
High
Normal
Low
Continuity management
32
requirements

Examples of other requirements this task affects

Članak 30.1.c: Kontinuitet poslovanja
NIS2 Croatia
9.10 §: Varmuuskopiointi ja jatkuvuuden hallinta
Kyberturvallisuuslaki
30 § 3.3°: La continuité et la gestion des crises
NIS2 Belgium
RC.CO-2: Reputation is repaired after an incident.
CyberFundamentals
14.5.4): Veiklos tęstinumą
NIS2 Lithuania
See all related requirements and other information from tasks own page.
Go to >
Communication to stakeholders on continuity plans
Communicating recovery measures to stakeholders
Critical
High
Normal
Low
Continuity management
6
requirements

Examples of other requirements this task affects

RC.CO-3: Recovery actions
NIST
Article 14: Communication
DORA
RC.CO-3: Recovery activities are communicated to internal and external stakeholders as well as executive and management teams
CyberFundamentals
4.2.3: Inform relevant stakeholders
NSM ICT-SP
RC.CO-03: Recovery activities and progress communication to stakeholders
NIST 2.0
See all related requirements and other information from tasks own page.
Go to >
Communicating recovery measures to stakeholders
Staff awareness of continuity plans
Critical
High
Normal
Low
Continuity management
4
requirements

Examples of other requirements this task affects

VAR-04: Resurssit ja osaaminen
Julkri
1.6.3: Crisis preparedness
TISAX
See all related requirements and other information from tasks own page.
Go to >
Staff awareness of continuity plans
Continuous improvement of continuation plans
Critical
High
Normal
Low
Continuity management
13
requirements

Examples of other requirements this task affects

CC7.5: Recovery from security incidents
SOC 2
Article 11: Response and recovery
DORA
RS.IM-2: Response and Recovery strategies are updated.
CyberFundamentals
RS.IM-1: Response plans incorporate lessons learned.
CyberFundamentals
RC.IM-1: Recovery plans incorporate lessons learned.
CyberFundamentals
See all related requirements and other information from tasks own page.
Go to >
Continuous improvement of continuation plans

Never duplicate effort. Do it once - improve compliance across frameworks.

Reach multi-framework compliance in the simplest possible way
Security frameworks tend to share the same core requirements - like risk management, backup, malware, personnel awareness or access management.
Cyberday maps all frameworks’ requirements into shared tasks - one single plan that improves all frameworks’ compliance.
Do it once - we automatically apply it to all current and future frameworks.
Start free trial
Get to know Cyberday
Start your free trial
Cyberday is your all-in-one solution for building a secure and compliant organization. Whether you're setting up a cyber security plan, evaluating policies, implementing tasks, or generating automated reports, Cyberday simplifies the entire process.
With AI-driven insights and a user-friendly interface, it's easier than ever to stay ahead of compliance requirements and focus on continuous improvement.
Clear framework compliance plans
Activate relevant frameworks and turn them into actionable policies tailored to your needs.
Credible reports to proof your compliance
Use guided tasks to ensure secure implementations and create professional reports with just a few clicks.
AI-powered improvement suggestions
Focus on the most impactful improvements in your compliance with help from Cyberday AI.
Effortless compliance improvement
Widest framework library in EU
Extensive support

Start your compliance journey

Use in MS Teams or use your browser with Slack integration.
Risk free trial. No credit card required. Stop at any time.

Start free 14-day trial
Book a meeting
How it works?
SummarySecurity tasks and assuranceDocumentation workflowsEmployee guidelinesReporting templates
Use cases
By frameworkAll frameworksISO 27001NIS2 directiveNIST CSFCSA CCMISO 27701GDPRISO 27017ISO 27018
By methodCyber risk managementEmployee awarenessCompliance reportingControl managementAsset managementPrivacy managementVendor assessments
Resources
AcademyWebinarsBlogHelp articlesVideo coursesContent libraryGuidesNewsletterLeave a reviewPartner programTeamTerms of usePrivacy policy
Contact us
+358 10 231 6010
team@cyberday.ai
App works in:
Known in Finland as Digiturvamalli
© Cyberday Inc. Kalevantie 2 33100 Tampere, Finland
Cyberday.ai - Improve and certify your cyber security