Content library
CyberFundamentals (Belgium)
RC.IM-2: Recovery strategies are updated.

How to fill the requirement

CyberFundamentals (Belgium)

RC.IM-2: Recovery strategies are updated.

Task name
Priority
Status
Theme
Policy
Other requirements
Testing and reviewing continuity plans related to cyber security breaches
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Risk management and leadership
Continuity management
requirements

Task is fulfilling also these other security requirements

PR.IP-10: Response and recovery plan tests
NIST
RS.IM-2: Response strategies update
NIST
RC.IM-2: Recovery strategies
NIST
Article 11: Response and recovery
DORA
2.7: Varautuminen häiriötilanteisiin
TiHL: Tietoturva
1. Task description

The organization must test and update its response to the security breach at scheduled intervals or after significant changes. For critical parts of the organization, operational plans should be tested at least annually. Test results should be documented and communicated to improve the plan.

Regular testing and review of continuity plans
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Risk management and leadership
Continuity management
requirements

Task is fulfilling also these other security requirements

17.1.3: Verify, review and evaluate information security continuity
ISO27 Full
​​​​​​​ID.SC-5: Response and recovery
NIST
PR.IP-10: Response and recovery plan tests
NIST
RS.IM-2: Response strategies update
NIST
RC.IM-2: Recovery strategies
NIST
1. Task description

The organisation should regularly, at least annually, test and review its information security continuity plans to ensure that they are valid and effective in adverse situations.

Testing of continuity plans shall involve, as appropriate, stakeholders critical to each plan. The organisation should identify and document the necessary contacts with suppliers and partners

In addition, the adequacy of continuity plans and associated management mechanisms should be reassessed in the event of significant changes in operations.

Continuous improvement of continuation plans
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Risk management and leadership
Continuity management
requirements

Task is fulfilling also these other security requirements

CC7.5: Recovery from security incidents
SOC 2
Article 11: Response and recovery
DORA
RS.IM-2: Response and Recovery strategies are updated.
CyFun
RS.IM-1: Response plans incorporate lessons learned.
CyFun
RC.IM-1: Recovery plans incorporate lessons learned.
CyFun
1. Task description

The organisation regularly develops its continuity plans by analyzing the testing of the plans, training and their actual use in real situations.

No items found.