Meeting ISO 27031 Requirements

ISO 27031

The ISO standard defines the Information and Communication Technology (ICT) Requirements for Business Continuity (IRBC) program. The program supports the mandate for an infrastructure that keeps business operations running when an event or incident, with its related disruptions, affects the continuity of critical business functions. This includes the security of crucial data as well as enterprise operations.

The ISO standard centers around four areas: Plan, Do, Check, and Act.

Plan Do Check Act Cycle

  • Plan – Establish a Disaster Recovery Business Continuity policy with objectives, metrics, and processes relevant to managing risk and improving the enterprise’s Information and Communication Technology ability and readiness to operate at the level defined within the parameters of the enterprise’s overall disaster recovery and business continuity objectives.
  • Do – Implement and operate the Disaster Recovery and Business Continuity policies, procedures, controls, and processes.
  • Check – Assess and monitor performance against the metrics defined in the Disaster Recovery and Business Continuity policy, and communicate the results to the management of the enterprise. This can be done via an audit, a test of the plan, or a post-event analysis session after an actual execution of the plan.
  • Act – Modify the Disaster Recovery and Business Continuity policies, procedures, and metrics based on the results of the “Check” step (audit, test, or execution of the plan) in order to improve the Disaster Recovery and Business Continuity policy.

Author: M V Janulaitis

Victor Janulaitis is the CEO of Janco Associates. He has been a professor at the USC Graduate School of Business and has been a guest lecturer at UCLA and a Graduate School at Harvard University.