Organization must identify the required level of availability for the services it offers as well as for any related data systems and other data processing environment. The organization must plan its systems and operations so that the availability level can be met.
When planning a resilient data processing environment, the organization should consider the following factors:
For example, in important production systems, the resilience should also be tested regularly to ensure a smooth transition to backup solutions during incidents.
Often, security tools provide a way to set alert policies when something potentially dangerous happens in an organization's environment. For example, Microsoft 365 has built-in alert policies to alert you to abuse of administrator privileges, malware, potential internal and external risks, and data security risks.
The organization must identify security-related events in data systems and the environments in which they operate. To respond to changes related to these events, alarm policies must be created.
Alarm policies need to be actively monitored and modified based on experience.
The operation of basic services (such as electricity, telecommunications, water supply, sewerage, heating, ventilation and air conditioning) will be monitored to ensure that their capacity covers business growth.