The idea of resilience - that an organisation's systems and processes should be resilient against outside attack or natural disaster - is a key principle underpinning the ISO27001 international standard.
Business continuity for Information and Communication Systems is fundamental to an effective ISMS. ISO27031 (ISO/IEC 27031) Guidelines for ICT Readiness for Business Continuity provides detailed and valuable guidance on how this critical aspect should be tackled.
Designed to work within a broader enterprise business continuity management system (such as that specified in the world-leading ISO22301), ISO27031 should form part of every organisation's planning for cyber security.
Cyber resilience is really one part of a wider business resilience strategy.
While development of a broad business resilience strategy should fit within an organisation's enterprise risk management framework, there is no reason to delay dealing with cyber resilience because a wider business resilience strategy has still to be developed. Published by GCHQ, the '10 Steps to Cyber Security' framework sets out a simplistic approach to handling cyber risk to help secure your information and ensure your business thrives in the internet age. A robust assessment of your performance can be carried out in each of these 10 areas by IT Governance, providing you with a tailored and usable action plan that will help you close the gap between what you’re actually doing and recognised good practice.
IT Governance is able to provide a range of cyber resilience solutions to help you ensure your organisation is best placed to mitigate unexpected situations or events.