To support cyber resilience and secure the delivery of critical services, the necessary requirements are identified, documented and their implementation tested and approved.
Guidance
- Consider implementing resiliency mechanisms to support normal and adverse operational situations (e.g., failsafe, load balancing, hot swap).
- Consider aspects of business continuity management in e.g. Business Impact Analysis (BIA), Disaster Recovery Plan (DRP) and Business Continuity Plan (BCP).
Information processing & supporting facilities shall implement redundancy to meet availability requirements, as defined by the organization and/or regulatory frameworks.
Guidance
- Consider provisioning adequate data and network redundancy (e.g. redundant network devices, servers with load balancing, RAID arrays, backup services, 2 separate datacentres, fail-over network connections, 2 ISPs…).
- Consider protecting critical equipment/services from power outages and other failures due to utility interruptions (e.g. UPS & NO-break, frequent tests, service contracts that include regular maintenance, redundant power cabling, 2 different power service providers…).
Recovery time and recovery point objectives for the recovery of essential ICT/OT system processes shall be defined.
Guidance
- Consider applying the 3-2-1 back-up rule to improve RPO and RTO (maintain at least 3 copies of your data, keep 2 of them at separate locations, and store one copy at an off-site location).
- Consider implementing mechanisms such as hot swap, load balancing and failsafe to increase resilience.
In Cyberday, requirements and controls are mapped to universal tasks. Each requirement is fulfilled with one or multiple tasks, and a set of tasks in the same topic creates a Policy, such as this one.