Sometimes an unexpected event, such as a fire, flood, or equipment failure, can cause downtime. In order to be able to continue operations as quickly and smoothly as possible, continuity planning is carried out, i.e. planning the operations in advance for these exceptional situations.
Each continuity plan shall contain at least the following information:
The organisation must ensure the availability of information systems throughout their entire lifecycle. For this reason, the availability requirements of different information systems (especially the maximum time a system can be out of service, recovery time objective, and recovery point objective) must be met.
The implementation of availability requirements must take into account the load endurance, fault tolerance, and recovery time required from the information system.
Additionally, the need for procedures that protect availability has been identified, and procedures have been implemented with customized protections for critical systems. These protections may include, for example, redundancy of key network connections, hardware, and application execution environments.
The operation of information systems may depend on certain key resources, such as server capacity, file storage capacity, data processing capacity, monitoring capacity or certain key persons.
In particular, some of these resources may have long delivery times or high costs in certain situations, in which case special attention must be paid to future capacity problems with them.
We monitor the use of key system resources and identify trends, potential security bottlenecks and dependencies on important people.
Restorability refers to how quickly personal data are restored to be available and accessible in the event of a physical or technical failure.