Free ebook: NIS2 ready using ISO 27001 best practices
Download ebook

Creating and documenting continuity plans

Critical
High
Normal
Low

Sometimes an unexpected event, such as a fire, flood, or equipment failure, can cause downtime. In order to be able to continue operations as quickly and smoothly as possible, continuity planning is carried out, i.e. planning the operations in advance for these exceptional situations.

Each continuity plan shall contain at least the following information:

  • Event for which the plan has been made
  • Goal for recovery time
  • Responsible persons and related stakeholders and contact information
  • Planned immediate actions
  • Planned recovery steps
Connected other frameworks and requirements:
T05: Jatkuvuuden hallinta
17.1.2: Implementing information security continuity
ISO 27001
ID.SC-5: Response and recovery
NIST CSF
PR.IP-9: Response and recovery plans
NIST CSF
RC.RP-1: Recovery plan
NIST CSF

Preparing for quick data recovery after faults

Critical
High
Normal
Low

Restorability refers to how quickly personal data are restored to be available and accessible in the event of a physical or technical failure.

Connected other frameworks and requirements:
12.3.1: Information backup
ISO 27001
17.1.2: Implementing information security continuity
ISO 27001
12.3: Backup
ISO 27001
PR.PT-5: Mechanisms
NIST CSF
5.29: Information security during disruption
ISO 27001
No items found.