Incident response plans and other cybersecurity plans that affect operations are established, communicated, maintained, and improved.
Sometimes an unexpected event, such as a fire, flood, or equipment failure, can cause downtime. To continue operations as quickly and smoothly as possible, the organization carries out continuity planning, i.e. it plans in advance how operations will run in these exceptional situations.
Each continuity plan shall contain at least the following information:
The organization should create and maintain incident response plans. The response plans should include at least:
The organization should regularly, at least annually, test and review its information security continuity plans to ensure that they are valid and effective in adverse situations.
Testing of continuity plans shall involve, as appropriate, stakeholders critical to each plan. The organization should identify and document the necessary contacts with suppliers and partners.
In addition, the adequacy of continuity plans and associated management mechanisms should be reassessed in the event of significant changes in operations.
The vulnerability management process is regularly tested at intervals specified by the organization to ensure that it is up-to-date, functional, and effective.
The organization shall establish an incident response plan for security incidents affecting critical information systems. Response plans should also be tested by the necessary organizational elements. The plan should take into account at least:
In addition, the plan should at least:
In the event of an incident, communication with internal and external stakeholders must be in accordance with the incident response plan.
The organization shall have procedures in place to communicate effectively with stakeholders and other participants during the execution of continuity plans and survival procedures.
Communication plans related to continuity plans shall include:
The organization regularly develops its continuity plans by analyzing the testing of the plans, training and their actual use in real situations.