Oh no! No description found. But not to worry. Read from Tasks below how to advance this topic.
Objective: A crisis situation occurs If exceptional situations (e.g. natural disasters, physical attacks, pandemics, exceptional social situations, cyber-attacks causing major infrastructure failures) are severely disrupting key business operations. In such cases, the main priority of the organization is to handle the situation as gracefully as possible and recover as quickly as possible. To achieve that and since time is of the essence, switching to a crisis management mode executing pre-planned procedures having specific distribution of responsibilities and structures enables an organization to deal with such a situation is the usual approach.
Requirements (must): An appropriate planning to react to and recover from crisis situations exists.
- The required resources are available.
Responsibilities and authority for crisis management within the organization are defined, documented, and assigned.
The responsible employees are defined and qualified for their task.
Requirements (should): Methods to detect crisis situations are established.
- General indications for the existence or imminence of a crisis situation and specific predictable crisis are identified
A procedure to invoke and/or escalate crisis management is in place.
Strategic goals and their priority in crisis situations are defined and known to relevant personnel. The following aspects are considered:
- Ethical priorities (e.g., protection of life and health)
- Core business processes (e.g., processes that ensure the survival of the organization)
- Appropriate information security
A crisis management team is defined and approved. The following aspects are considered:
- Management commitment
- Composition (e.g., participation of all major functions of the organization including organization leadership (management board), business operations (production), HR, information security, corporate security, corporate emergency services, IT/cyber security, communication, finance)
- Structure and roles
- Competences of members
- Expectation and authority
- Decision making procedures
Crisis policies and procedures are defined and approved. The following aspects are considered:
- Exceptional authorities and decision-making processes beyond the crisis management team
- Primary and backup means of communication
- Emergency operating procedures
- Exceptional organizational structures (e.g., reporting, information gathering, decision making)
- Exceptional functions, responsibilities, and authority (including reporting)
- Exceptional tools
Crisis planning is reviewed and updated regularly.
Oh no! No description found. But not to worry. Read from Tasks below how to advance this topic.
Objective: A crisis situation occurs If exceptional situations (e.g. natural disasters, physical attacks, pandemics, exceptional social situations, cyber-attacks causing major infrastructure failures) are severely disrupting key business operations. In such cases, the main priority of the organization is to handle the situation as gracefully as possible and recover as quickly as possible. To achieve that and since time is of the essence, switching to a crisis management mode executing pre-planned procedures having specific distribution of responsibilities and structures enables an organization to deal with such a situation is the usual approach.
Requirements (must): An appropriate planning to react to and recover from crisis situations exists.
- The required resources are available.
Responsibilities and authority for crisis management within the organization are defined, documented, and assigned.
The responsible employees are defined and qualified for their task.
Requirements (should): Methods to detect crisis situations are established.
- General indications for the existence or imminence of a crisis situation and specific predictable crisis are identified
A procedure to invoke and/or escalate crisis management is in place.
Strategic goals and their priority in crisis situations are defined and known to relevant personnel. The following aspects are considered:
- Ethical priorities (e.g., protection of life and health)
- Core business processes (e.g., processes that ensure the survival of the organization)
- Appropriate information security
A crisis management team is defined and approved. The following aspects are considered:
- Management commitment
- Composition (e.g., participation of all major functions of the organization including organization leadership (management board), business operations (production), HR, information security, corporate security, corporate emergency services, IT/cyber security, communication, finance)
- Structure and roles
- Competences of members
- Expectation and authority
- Decision making procedures
Crisis policies and procedures are defined and approved. The following aspects are considered:
- Exceptional authorities and decision-making processes beyond the crisis management team
- Primary and backup means of communication
- Emergency operating procedures
- Exceptional organizational structures (e.g., reporting, information gathering, decision making)
- Exceptional functions, responsibilities, and authority (including reporting)
- Exceptional tools
Crisis planning is reviewed and updated regularly.
In Cyberday, requirements and controls are mapped to universal tasks. A set of tasks in the same topic create a Policy, such as this one.
In Cyberday, requirements and controls are mapped to universal tasks. Each requirement is fulfilled with one or multiple tasks.
Sets the overall compliance standard or regulation your organization needs to follow.
.svg)
.svg)
.svg)
Break down the framework into specific obligations that must be met.
.svg)
Concrete actions and activities your team carries out to satisfy each requirement.
Documented rules and practices that are created and maintained as a result of completing tasks.
