• Shopping Cart
    There are no items in your cart

CAN/CSA-ISO/IEC 27031:13 (R2017)

Current

Current

The latest, up-to-date edition.

Information technology - Security techniques - Guidelines for information and communication technology readiness for business continuity (Adopted ISO/IEC 27031:2011, first edition, 2011-03-01)

Available format(s)

Hardcopy , PDF

Language(s)

English, French

Published date

01-01-2013

€129.21
Excluding VAT

Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviations
5 Overview
6 IRBC Planning
7 Implementation and Operation
8 Monitor and Review
9 IRBC improvement
Annex A (informative) - IRBC and milestones during
        a disruption
Annex B (informative) - High availability embedded
        system
Annex C (informative) - Assessing Failure Scenarios
Annex D (informative) - Developing Performance
        Criteria
Bibliography

Standards development within the Information Technology sector is harmonized with international standards development. Through the CSA Technical Committee on Information Technology (TCIT), Canadians serve as the Canadian Advisory Committee (CAC) on ISO/IEC Joint Technical Committee 1 on Information Technology (ISO/IEC JTC1) for the Standards Council of Canada (SCC), the ISO member body for Canada and sponsor of the Canadian National Committee of the IEC. Also, as a member of the International Telecommunication Union (ITU), Canada participates in the International Telegraph and Telephone Consultative Committee (ITU-T). At the time of publication, ISO/IEC 27031:2011 is available from ISO and IEC in English only. CSA Group will publish the French version when it becomes available from ISO and IEC. Scope This International Standard describes the concepts and principles of information and communication technology (ICT) readiness for business continuity, and provides a framework of methods and processes to identify and specify all aspects (such as performance criteria, design, and implementation) for improving an organization\'s ICT readiness to ensure business continuity. It applies to any organization (private, governmental, and non-governmental, irrespective of size) developing its ICT readiness for business continuity (IRBC) program, and requiring its ICT services/infrastructures to be ready to support business operations in the event of emerging events and incidents, and related disruptions, that could affect continuity (including security) of critical business functions. It also enables an organization to measure performance parameters that correlate to its IRBC in a consistent and recognized manner. The scope of this International Standard encompasses all events and incidents (including security related) that could have an impact on ICT infrastructure and systems. It includes and extends the practices of information security incident handling and management and ICT readiness planning and services.

DocumentType
Standard
ISBN
978-1-77139-089-7
Pages
0
ProductNote
Reconfirmed EN
PublisherName
Canadian Standards Association
Status
Current
Supersedes

Standards development within the Information Technology sector is harmonized with international standards development. Through the CSA Technical Committee on Information Technology (TCIT), Canadians serve as the Canadian Advisory Committee (CAC) on ISO/IEC Joint Technical Committee 1 on Information Technology (ISO/IEC JTC1) for the Standards Council of Canada (SCC), the ISO member body for Canada and sponsor of the Canadian National Committee of the IEC. Also, as a member of the International Telecommunication Union (ITU), Canada participates in the International Telegraph and Telephone Consultative Committee (ITU-T). At the time of publication, ISO/IEC 27031:2011 is available from ISO and IEC in English only. CSA Group will publish the French version when it becomes available from ISO and IEC. Scope This International Standard describes the concepts and principles of information and communication technology (ICT) readiness for business continuity, and provides a framework of methods and processes to identify and specify all aspects (such as performance criteria, design, and implementation) for improving an organization\'s ICT readiness to ensure business continuity. It applies to any organization (private, governmental, and non-governmental, irrespective of size) developing its ICT readiness for business continuity (IRBC) program, and requiring its ICT services/infrastructures to be ready to support business operations in the event of emerging events and incidents, and related disruptions, that could affect continuity (including security) of critical business functions. It also enables an organization to measure performance parameters that correlate to its IRBC in a consistent and recognized manner. The scope of this International Standard encompasses all events and incidents (including security related) that could have an impact on ICT infrastructure and systems. It includes and extends the practices of information security incident handling and management and ICT readiness planning and services.

Standards Relationship
ISO/IEC 27031:2011 Identical

ISO/IEC 27001:2013 Information technology — Security techniques — Information security management systems — Requirements
ISO/IEC 18043:2006 Information technology Security techniques Selection, deployment and operations of intrusion detection systems
ISO/IEC 27003:2017 Information technology — Security techniques — Information security management systems — Guidance
ISO/IEC 27004:2016 Information technology — Security techniques — Information security management — Monitoring, measurement, analysis and evaluation
BS 25999-1:2006 BUSINESS CONTINUITY MANAGEMENT - PART 1: CODE OF PRACTICE
IEC/ISO 31010:2009 Risk management - Risk assessment techniques
ISO 22301:2012 Societal security Business continuity management systems Requirements
ISO/IEC 27002:2013 Information technology Security techniques Code of practice for information security controls
ISO/IEC TR 18044:2004 Information technology Security techniques Information security incident management
ISO/IEC 20000-1:2011 Information technology Service management Part 1: Service management system requirements
ISO/IEC 20000-2:2012 Information technology Service management Part 2: Guidance on the application of service management systems
ISO/IEC 27005:2011 Information technology Security techniques Information security risk management
ISO 9000:2015 Quality management systems — Fundamentals and vocabulary
ISO/IEC 27000:2016 Information technology Security techniques Information security management systems Overview and vocabulary
ISO/IEC 24762:2008 Information technology Security techniques Guidelines for information and communications technology disaster recovery services

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.