ISO/IEC 27031:2011 describes the concepts and principles of information and communication technology (ICT) readiness for business continuity, and provides a framework of methods and processes to identify and specify all aspects (such as performance criteria, design, and implementation) for improving an organisation’s ICT readiness to ensure business continuity. It applies to any organisation (private, governmental, and non-governmental, irrespective of size) developing its ICT readiness for business continuity programme (IRBC), and requiring its ICT services/infrastructures to be ready to support business operations in the event of emerging events and incidents, and related disruptions, that could affect continuity (including security) of critical business functions. It also enables an organisation to measure performance parameters that correlate to its IRBC in a consistent and recognised manner.
The scope of ISO/IEC 27031:2011 encompasses all events and incidents (including security related) that could have an impact on ICT infrastructure and systems. It includes and extends the practices of information security incident handling and management and ICT readiness planning and services.
Purchase and use of this product is governed by this EULA.