Content library
Continuity management
Preparation of contingency plans based on risk assessments
Risk management and leadership
Continuity management

Preparation of contingency plans based on risk assessments

Start free trial

Task description

Preparation of contingency plans based on risk assessments

The information management unit must carry out the necessary risk assessments regarding the processing of its information assets, the use of its information systems, and the continuity of its operations. Based on the risk assessment, the information management unit must:

a) Prepare contingency plans and advance preparations for disruption situations.

b) Implement other necessary measures to ensure that the processing of information assets, the use of information systems, and operations dependent on them can continue with as little disruption as possible during disturbances under normal conditions and during emergency conditions as referred to in the Emergency Powers Act (1552/2011).

Requirements connected to the task

13 a §: Häiriötilanteista tiedottaminen ja varautuminen häiriötilanteisiin
Public administration information management act
2.7: Varautuminen häiriötilanteisiin
TiHL: Suositus tietoturvan vähimmäisvaatimuksista

Other tasks from the same security theme

Task name
Priority
Policy
Other requirements
Definition and documentation of the BCMS scope
Critical
High
Normal
Low
Continuity management
2
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Definition and documentation of the BCMS scope
Formal business impact analysis for prioritized activities
Critical
High
Normal
Low
Continuity management
2
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Formal business impact analysis for prioritized activities
Implementation of business continuity solutions
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Implementation of business continuity solutions
Testing and validation of business continuity solutions
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Testing and validation of business continuity solutions
Evaluation and selection of business continuity strategies
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Evaluation and selection of business continuity strategies
Evaluation of business continuity strategies and solutions effectiveness
Critical
High
Normal
Low
Continuity management
2
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Evaluation of business continuity strategies and solutions effectiveness
Formal change management process for BCMS
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Formal change management process for BCMS
Preparing and documenting inputs for management review
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Preparing and documenting inputs for management review
Defining business continuity roles, responsibilities, and authorities
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Defining business continuity roles, responsibilities, and authorities
Communication plan for the BCMS
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Communication plan for the BCMS
Business continuity plan scope
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Business continuity plan scope
BCMS improvement program
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
BCMS improvement program
Resource management for the BCMS
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Resource management for the BCMS
BCMS performance monitoring
Critical
High
Normal
Low
Continuity management
2
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
BCMS performance monitoring
Assessment of business continuity resources
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Assessment of business continuity resources
Business continuity policy development
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Business continuity policy development
Business continuity program evaluation and documentation update
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Business continuity program evaluation and documentation update
Execution of BCMS improvement actions
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Execution of BCMS improvement actions
Formalized program for managing operational interruptions
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Formalized program for managing operational interruptions
Business continuity policy documentation and communication
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Business continuity policy documentation and communication
Establishing and monitoring business continuity objectives
Critical
High
Normal
Low
Continuity management
2
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Establishing and monitoring business continuity objectives
Continual improvement of the BCMS
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Continual improvement of the BCMS
Business Continuity Management System establishment
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Business Continuity Management System establishment
Business continuity exercise outcome management
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Business continuity exercise outcome management
Notifying the system provider of deviations from data system requirements
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

6.2b: Häiriöiden hallinta ja menettelyt ongelmatilanteissa
Tietoturvasuunnitelma
See all related requirements and other information from tasks own page.
Go to >
Notifying the system provider of deviations from data system requirements
Preparation of contingency plans based on risk assessments
Critical
High
Normal
Low
Continuity management
2
requirements

Examples of other requirements this task affects

13 a §: Häiriötilanteista tiedottaminen ja varautuminen häiriötilanteisiin
TiHL
2.7: Varautuminen häiriötilanteisiin
TiHL tietoturvavaatimukset
See all related requirements and other information from tasks own page.
Go to >
Preparation of contingency plans based on risk assessments
Creating and documenting continuity plans
Critical
High
Normal
Low
Continuity management
94
requirements

Examples of other requirements this task affects

Članak 30.1.c: Kontinuitet poslovanja
NIS2 Croatia
2.7: Varautuminen häiriötilanteisiin
TiHL tietoturvavaatimukset
9.10 §: Varmuuskopiointi ja jatkuvuuden hallinta
Kyberturvallisuuslaki
5.2.8: IT service continuity planning
TISAX
1.6.3: Crisis preparedness
TISAX
See all related requirements and other information from tasks own page.
Go to >
Creating and documenting continuity plans
Documenting the business continuity response structure
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Documenting the business continuity response structure
Practice of communication procedures
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Practice of communication procedures
Analysis of costs and benefits for business continuity solutions
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Analysis of costs and benefits for business continuity solutions
Ensuring resource allocation for continuity strategies
Critical
High
Normal
Low
Continuity management
2
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Ensuring resource allocation for continuity strategies
Personnel awareness of business continuity non-conformance consequences
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Personnel awareness of business continuity non-conformance consequences
Accessibility of business continuity plans
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Accessibility of business continuity plans
Business continuity plan activation and initial response
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Business continuity plan activation and initial response
Development of business continuity strategies covering the full disruption lifecycle
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Development of business continuity strategies covering the full disruption lifecycle
Documenting and presenting BCMS evaluation results
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Documenting and presenting BCMS evaluation results
Retention of documented information for operational control
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Retention of documented information for operational control
Business continuity procedure design and adaptability
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Business continuity procedure design and adaptability
Communication of BCMS management review results
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Communication of BCMS management review results
Periodic and triggered review of BIA and risk assessments
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Periodic and triggered review of BIA and risk assessments
Business continuity exercise planning
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Business continuity exercise planning
Backup facilities for business continuity
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

31.19: Atsarginės patalpos
NIS2 Guide Lithuania
See all related requirements and other information from tasks own page.
Go to >
Backup facilities for business continuity
Definition of recovery objectives and resource dependencies
Critical
High
Normal
Low
Continuity management
2
requirements

Examples of other requirements this task affects

27: Verslo tęstinumo valdymo planas
NIS2 Guide Lithuania
See all related requirements and other information from tasks own page.
Go to >
Definition of recovery objectives and resource dependencies
Participation in mandatory domestic cybersecurity exercises
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

6. § (5).b: Részvétel a nemzeti gyakorlatokon
NIS2 Hungary
See all related requirements and other information from tasks own page.
Go to >
Participation in mandatory domestic cybersecurity exercises
Verification of recovery capability for central systems
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

§ 5.1: Krisberedskapen
MSBFS 2020:7
See all related requirements and other information from tasks own page.
Go to >
Verification of recovery capability for central systems
Awareness of emergency preparedness and response roles
Critical
High
Normal
Low
Continuity management
2
requirements

Examples of other requirements this task affects

§ 25: Medarbejderkompetence og træning inden for sikkerhedsområder
Energisektor beredskabsbekendtgørelse
See all related requirements and other information from tasks own page.
Go to >
Awareness of emergency preparedness and response roles
Procedures for national crisis management participation
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

§ 13: Forretningskontinuitet og planlægning af hændelsesstyring
Energisektor beredskabsbekendtgørelse
See all related requirements and other information from tasks own page.
Go to >
Procedures for national crisis management participation
Contingency planning for physical production and equipment
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

§ 19.3: Væsentlige procedurer for håndtering af hændelser
Energisektor beredskabsbekendtgørelse
See all related requirements and other information from tasks own page.
Go to >
Contingency planning for physical production and equipment
Assessment of facility redundancy for service delivery
Critical
High
Normal
Low
Continuity management
4
requirements

Examples of other requirements this task affects

§ 13: Forretningskontinuitet og planlægning af hændelsesstyring
Energisektor beredskabsbekendtgørelse
13.1: Supporting utilities
NIS2 Guide
4.2.4: Availability and redundancy of resources
NIS2 Guide
64.57 (esminiams): Techniniai ir aplinkos saugumo reikalavimai esminiams kibernetinio saugumo subjektas
NIS2 Guide Lithuania
See all related requirements and other information from tasks own page.
Go to >
Assessment of facility redundancy for service delivery
Alternative communication channels for emergencies
Critical
High
Normal
Low
Continuity management
2
requirements

Examples of other requirements this task affects

5.42: HLT – Noodcommunicatiesituaties
NEN 7510
See all related requirements and other information from tasks own page.
Go to >
Alternative communication channels for emergencies
Risk tolerance reassessment plan
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Risk tolerance reassessment plan
Involving users and interdependent institutions in continuity testing (central securities depository)
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Involving users and interdependent institutions in continuity testing (central securities depository)
Involving clearing members and interdependent institutions in continuity testing (central counterparty)
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Involving clearing members and interdependent institutions in continuity testing (central counterparty)
Testing switching to backup and redundant infrastructure
Critical
High
Normal
Low
Continuity management
4
requirements

Examples of other requirements this task affects

13.1: Supporting utilities
NIS2 Guide
4.2.5: Monitoring and adjusting resources for redundancy
NIS2 Guide
4.2.6: Testing of backup and recovery processes
NIS2 Guide
See all related requirements and other information from tasks own page.
Go to >
Testing switching to backup and redundant infrastructure
Including third-party providers in continuity testing
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Including third-party providers in continuity testing
Defining criteria for activation and deactivation of continuity plans
Critical
High
Normal
Low
Continuity management
2
requirements

Examples of other requirements this task affects

4.1.2: Restoration and recovery procedures
NIS2 Guide
See all related requirements and other information from tasks own page.
Go to >
Defining criteria for activation and deactivation of continuity plans
Creating and maintaining a continuity management policy
Critical
High
Normal
Low
Continuity management
2
requirements

Examples of other requirements this task affects

Člen 21.1.1: Varnost informacijskih sistemov
NIS2 Slovenia
See all related requirements and other information from tasks own page.
Go to >
Creating and maintaining a continuity management policy
Conducting vulnerability and impact analysis for critical infrastructure
Critical
High
Normal
Low
Continuity management
3
requirements

Examples of other requirements this task affects

Art. 13.3.3: Analyse de la vulnérabilité et de l'impact
Loi infrastructures critiques
§ 11: Fysiske sikkerhetstiltak
NIS2 NO
15. §: Sebezhetőségi értékelési szabványok és javítási tervek
NIS2 Hungary
See all related requirements and other information from tasks own page.
Go to >
Conducting vulnerability and impact analysis for critical infrastructure
Resilient design of the public warning system
Critical
High
Normal
Low
Continuity management
2
requirements

Examples of other requirements this task affects

13.4: Sikring af udsendelse af offentlige advarsler
NIS2 Denmark
§ 4.22: Katastrofåterställning och redundans
MSBFS 2020:7
See all related requirements and other information from tasks own page.
Go to >
Resilient design of the public warning system
Conducting digital operational resilience testing
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

Article 24: General requirements for the performance of digital operational resilience testing
DORA
See all related requirements and other information from tasks own page.
Go to >
Conducting digital operational resilience testing
Process for checking integrity of data after an incident
Critical
High
Normal
Low
Continuity management
4
requirements

Examples of other requirements this task affects

Article 12: Backup policies and procedures, restoration and recovery procedures and methods
DORA
RC.RP-05: Integrity of restored assets is verified, systems and services
NIST 2.0
13.1.d: Recovering from incidents
CER
§ 14.4: Återhämta sig från incidenter
NIS2 Åland
See all related requirements and other information from tasks own page.
Go to >
Process for checking integrity of data after an incident
Ensuring the reliability of data systems
Critical
High
Normal
Low
Continuity management
8
requirements

Examples of other requirements this task affects

6.2a: Jatkuvuuden hallinta
Tietoturvasuunnitelma
Article 9b: Prevention
DORA
Article 7: ICT systems, protocols and tools
DORA
4.1: Tietojärjestelmien tietoturvallisuus
TiHL tietoturvavaatimukset
RC.RP-1: Recovery plan is executed during or after a cybersecurity incident.
CyberFundamentals
See all related requirements and other information from tasks own page.
Go to >
Ensuring the reliability of data systems
Regular testing and review of continuity plans
Critical
High
Normal
Low
Continuity management
83
requirements

Examples of other requirements this task affects

Članak 30.1.c: Kontinuitet poslovanja
NIS2 Croatia
9.10 §: Varmuuskopiointi ja jatkuvuuden hallinta
Kyberturvallisuuslaki
5.2.8: IT service continuity planning
TISAX
30 § 3.3°: La continuité et la gestion des crises
NIS2 Belgium
4.1.6: Test and rehearse the plans regularly so that they are established
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Regular testing and review of continuity plans
Addressing disasters in continuity planning
Critical
High
Normal
Low
Continuity management
41
requirements

Examples of other requirements this task affects

1.6.3: Crisis preparedness
TISAX
30 § 3.3°: La continuité et la gestion des crises
NIS2 Belgium
RC.RP-1: Recovery plan is executed during or after a cybersecurity incident.
CyberFundamentals
PR.IP-9: Response plans (Incident Response and Business Continuity) and recovery plans (Incident Recovery and Disaster Recovery) are in place and managed.
CyberFundamentals
14.5.4): Veiklos tęstinumą
NIS2 Lithuania
See all related requirements and other information from tasks own page.
Go to >
Addressing disasters in continuity planning
Considering cyber security breaches in continuity planning
Critical
High
Normal
Low
Continuity management
12
requirements

Examples of other requirements this task affects

PR.IP-9: Response and recovery plans
NIST
RS.MI-2: Incident mitigation
NIST
RC.RP: Recovery Planning
NIST
RC.RP-1: Recovery plan
NIST
2.7: Varautuminen häiriötilanteisiin
TiHL tietoturvavaatimukset
See all related requirements and other information from tasks own page.
Go to >
Considering cyber security breaches in continuity planning
Testing and reviewing continuity plans related to cyber security breaches
Critical
High
Normal
Low
Continuity management
10
requirements

Examples of other requirements this task affects

PR.IP-10: Response and recovery plan tests
NIST
RS.IM-2: Response strategies update
NIST
RC.IM-2: Recovery strategies
NIST
Article 11: Response and recovery
DORA
2.7: Varautuminen häiriötilanteisiin
TiHL tietoturvavaatimukset
See all related requirements and other information from tasks own page.
Go to >
Testing and reviewing continuity plans related to cyber security breaches
Developing an incident response plan for critical information systems
Critical
High
Normal
Low
Continuity management
31
requirements

Examples of other requirements this task affects

RS.RP: Response Planning
NIST
RS.RP-1: Incident response plan
NIST
HAL-17: Tietojärjestelmien toiminnallinen käytettävyys ja vikasietoisuus
Julkri
VAR-09: Tietojärjestelmien toipumissuunnitelmat
Julkri
CC7.4: Responding to identified security incidents
SOC 2
See all related requirements and other information from tasks own page.
Go to >
Developing an incident response plan for critical information systems
Communication in accordance with the incident response plan in the event of an incident
Critical
High
Normal
Low
Continuity management
21
requirements

Examples of other requirements this task affects

RS.CO-3: Information sharing
NIST
32: Viestintäsuunnitelma häiriö- ja kriisitilanteisiin
Digiturvan kokonaiskuvapalvelu
RESPONSE-3: Respond to Cybersecurity Incidents
C2M2
Article 14: Communication
DORA
Article 17: ICT-related incident management process
DORA
See all related requirements and other information from tasks own page.
Go to >
Communication in accordance with the incident response plan in the event of an incident
Executing an incident response plan with stakeholders
Critical
High
Normal
Low
Continuity management
6
requirements

Examples of other requirements this task affects

RS.CO-4: Coordination with stakeholders
NIST
RS.RP-1: Response plan is executed during or after an incident.
CyberFundamentals
RS.CO-4: Coordination with stakeholders occurs consistent with response plans.
CyberFundamentals
RS.MA-01: Incident response plan execution
NIST 2.0
See all related requirements and other information from tasks own page.
Go to >
Executing an incident response plan with stakeholders
Palveluntarjoajien siirtojen huomiointi jatkuvuussuunnitelmissa
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

VAR-02.1: Jatkuvuusvaatimusten määrittely - palveluiden siirrot
Julkri
See all related requirements and other information from tasks own page.
Go to >
Palveluntarjoajien siirtojen huomiointi jatkuvuussuunnitelmissa
Continuity of critical tasks in exceptional situations
Critical
High
Normal
Low
Continuity management
15
requirements

Examples of other requirements this task affects

VAR-05: Henkilöstön saatavuus ja varajärjestelyt
Julkri
Article 11: Response and recovery
DORA
2.7: Varautuminen häiriötilanteisiin
TiHL tietoturvavaatimukset
1.6.3: Crisis preparedness
TISAX
Article 39: Components of the ICT business continuity plan
DORA simplified RMF
See all related requirements and other information from tasks own page.
Go to >
Continuity of critical tasks in exceptional situations
Palveluriippuvuuksien huomiointi vikasietoisuuden suunnittelussa
Critical
High
Normal
Low
Continuity management
1
requirements

Examples of other requirements this task affects

VAR-08.1: Vikasietoisuus - riippuvuudet
Julkri
See all related requirements and other information from tasks own page.
Go to >
Palveluriippuvuuksien huomiointi vikasietoisuuden suunnittelussa
Identifying and testing the continuity capabilities required from ICT services
Critical
High
Normal
Low
Continuity management
18
requirements

Examples of other requirements this task affects

5.30: ICT readiness for business continuity
ISO 27001
6.2a: Jatkuvuuden hallinta
Tietoturvasuunnitelma
Article 11: Response and recovery
DORA
Article 12: Backup policies and procedures, restoration and recovery procedures and methods
DORA
5.2.8: IT service continuity planning
TISAX
See all related requirements and other information from tasks own page.
Go to >
Identifying and testing the continuity capabilities required from ICT services
Ensuring and testing the resilience of data processing environment
Critical
High
Normal
Low
Continuity management
12
requirements

Examples of other requirements this task affects

8.14: Redundancy of information processing facilities
ISO 27001
4.3: Vikasietoisuuden ja toiminnallisen käytettävyyden testaus
TiHL tietoturvavaatimukset
ID.BE-5: Resilience requirements to support delivery of critical services are established for all operating states (e.g. under duress/attack, during recovery, normal operations).
CyberFundamentals
2.2.7: Establish a robust and resilient ICT architecture
NSM ICT-SP
PR.IR-03: Meeting resilience requirements
NIST 2.0
See all related requirements and other information from tasks own page.
Go to >
Ensuring and testing the resilience of data processing environment
Identifying critical functions and related assets
Critical
High
Normal
Low
Continuity management
26
requirements

Examples of other requirements this task affects

26: Kriittisten toimintojen tunnistaminen
Digiturvan kokonaiskuvapalvelu
72: Organisaation kriittisten palveluiden tunnistaminen
Digiturvan kokonaiskuvapalvelu
73: Kriittisten palveluiden riippuvuudet palvelutoimittajista
Digiturvan kokonaiskuvapalvelu
ASSET: Manage IT and OT Asset Inventory
C2M2
ASSET-1: Manage IT and OT Asset Inventory
C2M2
See all related requirements and other information from tasks own page.
Go to >
Identifying critical functions and related assets
Ensuring coverage of critical scenarios and aspects in continuity plans
Critical
High
Normal
Low
Continuity management
4
requirements

Examples of other requirements this task affects

5.2.8: IT service continuity planning
TISAX
Article 39: Components of the ICT business continuity plan
DORA simplified RMF
Art. 13.3.2: Analyse des risques
Loi infrastructures critiques
§ 19: Beredskabs- og krisestyringsplaner
Energisektor beredskabsbekendtgørelse
See all related requirements and other information from tasks own page.
Go to >
Ensuring coverage of critical scenarios and aspects in continuity plans
Establishing a crisis management team and process
Critical
High
Normal
Low
Continuity management
14
requirements

Examples of other requirements this task affects

1.6.3: Crisis preparedness
TISAX
4.3.2: Determine whether the incident is under control and take the necessary reactive measures
NSM ICT-SP
RC.RP-02: Recovery actions
NIST 2.0
15.2.γ: Επιχειρησιακή συνέχεια και αντίγραφα ασφαλείας
NIS2 Greece
§ 30.(2).3: Aufrechterhaltung des Betriebs
NIS2 Germany
See all related requirements and other information from tasks own page.
Go to >
Establishing a crisis management team and process
Requirements about information security continuity
Critical
High
Normal
Low
Continuity management
10
requirements

Examples of other requirements this task affects

17.1.1: Planning information security continuity
ISO 27001
VAR-02: Jatkuvuusvaatimusten määrittely
Julkri
5.29: Information security during disruption
ISO 27001
24: Jatkuvuudenhallinnan kuvaus
Digiturvan kokonaiskuvapalvelu
RC.RP-04: Critical mission functions and cybersecurity risk management
NIST 2.0
See all related requirements and other information from tasks own page.
Go to >
Requirements about information security continuity
Defining the organization's continuity strategy
Critical
High
Normal
Low
Continuity management
14
requirements

Examples of other requirements this task affects

VAR-03: Jatkuvuussuunnitelmat
Julkri
24: Jatkuvuudenhallinnan kuvaus
Digiturvan kokonaiskuvapalvelu
Article 11: Response and recovery
DORA
5.2.8: IT service continuity planning
TISAX
28.(1): Kiberriska pārvaldības un nepārtrauktības plāni
NIS2 Latvia
See all related requirements and other information from tasks own page.
Go to >
Defining the organization's continuity strategy
Communication to stakeholders on continuity plans
Critical
High
Normal
Low
Continuity management
46
requirements

Examples of other requirements this task affects

Članak 30.1.c: Kontinuitet poslovanja
NIS2 Croatia
9.10 §: Varmuuskopiointi ja jatkuvuuden hallinta
Kyberturvallisuuslaki
30 § 3.3°: La continuité et la gestion des crises
NIS2 Belgium
RC.CO-2: Reputation is repaired after an incident.
CyberFundamentals
14.5.4): Veiklos tęstinumą
NIS2 Lithuania
See all related requirements and other information from tasks own page.
Go to >
Communication to stakeholders on continuity plans
Communicating recovery measures to stakeholders
Critical
High
Normal
Low
Continuity management
6
requirements

Examples of other requirements this task affects

RC.CO-3: Recovery actions
NIST
Article 14: Communication
DORA
RC.CO-3: Recovery activities are communicated to internal and external stakeholders as well as executive and management teams
CyberFundamentals
4.2.3: Inform relevant stakeholders
NSM ICT-SP
RC.CO-03: Recovery activities and progress communication to stakeholders
NIST 2.0
See all related requirements and other information from tasks own page.
Go to >
Communicating recovery measures to stakeholders
Staff awareness of continuity plans
Critical
High
Normal
Low
Continuity management
9
requirements

Examples of other requirements this task affects

VAR-04: Resurssit ja osaaminen
Julkri
1.6.3: Crisis preparedness
TISAX
§ 5.2: Test av system för krissituationer
MSBFS 2020:7
§ 26: Årlige awareness-tiltag
Energisektor beredskabsbekendtgørelse
§ 20: Femårige øvelsesplan
Energisektor beredskabsbekendtgørelse
See all related requirements and other information from tasks own page.
Go to >
Staff awareness of continuity plans
Continuous improvement of continuation plans
Critical
High
Normal
Low
Continuity management
16
requirements

Examples of other requirements this task affects

CC7.5: Recovery from security incidents
SOC 2
Article 11: Response and recovery
DORA
RS.IM-1: Response plans incorporate lessons learned.
CyberFundamentals
RS.IM-2: Response and Recovery strategies are updated.
CyberFundamentals
RC.IM-1: Recovery plans incorporate lessons learned.
CyberFundamentals
See all related requirements and other information from tasks own page.
Go to >
Continuous improvement of continuation plans

Never duplicate effort. Do it once - improve compliance across frameworks.

Reach multi-framework compliance in the simplest possible way
Security frameworks tend to share the same core requirements - like risk management, backup, malware, personnel awareness or access management.
Cyberday maps all frameworks’ requirements into shared tasks - one single plan that improves all frameworks’ compliance.
Do it once - we automatically apply it to all current and future frameworks.
Start free trial
Get to know Cyberday
Start your free trial
Cyberday is your all-in-one solution for building a secure and compliant organization. Whether you're setting up a cyber security plan, evaluating policies, implementing tasks, or generating automated reports, Cyberday simplifies the entire process.
With AI-driven insights and a user-friendly interface, it's easier than ever to stay ahead of compliance requirements and focus on continuous improvement.
Clear framework compliance plans
Activate relevant frameworks and turn them into actionable policies tailored to your needs.
Credible reports to proof your compliance
Use guided tasks to ensure secure implementations and create professional reports with just a few clicks.
AI-powered improvement suggestions
Focus on the most impactful improvements in your compliance with help from Cyberday AI.
Effortless compliance improvement
Widest framework library in EU
Extensive support

Get your compliance
foundation in minutes.

Learn what an AI-powered ISMS looks like in practice.
Start a free trial and see your compliance work launch in minutes.

Start free trial
Book a meeting
How it works?
SummarySecurity tasks and assuranceDocumentation workflowsEmployee guidelinesReporting templatesTrust center
Use cases
By frameworkAll frameworksISO 27001NIS2 directiveNIST CSFCSA CCMISO 27701GDPRISO 27017ISO 27018
By methodCyber risk managementEmployee awarenessCompliance reportingControl managementAsset managementPrivacy managementVendor assessmentsInternal audits
Resources
AcademyWebinarsBlogHelp articlesVideo coursesTrust centerContent libraryGuidesNewsletterLeave a reviewPartner programTeamTerms of usePrivacy policy
Contact us
+358 10 231 6010
team@cyberday.ai
App works in:
Known in Finland as Digiturvamalli
© Cyberday Inc. Kalevantie 2 33100 Tampere, Finland
Cyberday.ai - Improve and certify your cyber security