درباره ما
ISO ISO/IEC 24762
Information technology — Security techniques — Guidelines for information and communications technology disaster recovery services - First edition
Organization:
ISO - International Organization for Standardization
Year: 2008
Abstract: General
This International Standard describes the basic practices which ICT DR service providers, both in-house and outsourced, should consider.
It covers the requirements that service providers should meet, recognizing that individual organizations may have additional requirements that are specific to them (which would have to be addressed in the agreements/contracts with service providers). Examples of such organization requirements may include special encryption software and secured operation procedures, equipment, knowledgeable personnel and application documentation. Such additional organization specific requirements, if necessary, are generally negotiated on a case-by-case basis and are the subject of detailed contract negotiations between organizations and their ICT DR service providers and are not within the scope of this International Standard.
Exclusions
This International Standard does not:
a) provide any guidance on business continuity management as a whole for organizations;
b) take precedence over any laws and regulations, both existing and those in the future;
c) have any legal power over the Service Level Agreements (SLAs) included in negotiated contracts between organizations and service providers;
d) address requirements, legal or otherwise, governing normal business operations to be adhered to by service providers. Examples of such requirements include detailed regulations covering building and fire safety, occupational health and safety, copyright regulation and prevailing human resource practices;
e) provide an exhaustive list, and thus technical security controls are not covered. Readers should refer to ISO/IEC 27001 and ISO/IEC 27002, vendor literature and other technical references, as necessary.
Audience
This International Standard applies to:
a) all organizations requiring the ICT DR services as part of their business (whether in-house and/or outsourced);
b) ICT DR service providers in their provision of ICT DR services;
c) communities of organizations with reciprocal or mutual arrangements.
This International Standard describes the basic practices which ICT DR service providers, both in-house and outsourced, should consider.
It covers the requirements that service providers should meet, recognizing that individual organizations may have additional requirements that are specific to them (which would have to be addressed in the agreements/contracts with service providers). Examples of such organization requirements may include special encryption software and secured operation procedures, equipment, knowledgeable personnel and application documentation. Such additional organization specific requirements, if necessary, are generally negotiated on a case-by-case basis and are the subject of detailed contract negotiations between organizations and their ICT DR service providers and are not within the scope of this International Standard.
Exclusions
This International Standard does not:
a) provide any guidance on business continuity management as a whole for organizations;
b) take precedence over any laws and regulations, both existing and those in the future;
c) have any legal power over the Service Level Agreements (SLAs) included in negotiated contracts between organizations and service providers;
d) address requirements, legal or otherwise, governing normal business operations to be adhered to by service providers. Examples of such requirements include detailed regulations covering building and fire safety, occupational health and safety, copyright regulation and prevailing human resource practices;
e) provide an exhaustive list, and thus technical security controls are not covered. Readers should refer to ISO/IEC 27001 and ISO/IEC 27002, vendor literature and other technical references, as necessary.
Audience
This International Standard applies to:
a) all organizations requiring the ICT DR services as part of their business (whether in-house and/or outsourced);
b) ICT DR service providers in their provision of ICT DR services;
c) communities of organizations with reciprocal or mutual arrangements.
Collections
:
-
Statistics
ISO ISO/IEC 24762
Show full item record
| contributor author | ISO - International Organization for Standardization | |
| date accessioned | 2017-09-04T18:48:22Z | |
| date available | 2017-09-04T18:48:22Z | |
| date copyright | 2008.02.01 | |
| date issued | 2008 | |
| identifier other | KORGCCAAAAAAAAAA.pdf | |
| identifier uri | http://yse.yabesh.ir/std;jsessionid=4503AF90CA1BDD1446F7DE79CFF7111E/handle/yse/229643 | |
| description abstract | General This International Standard describes the basic practices which ICT DR service providers, both in-house and outsourced, should consider. It covers the requirements that service providers should meet, recognizing that individual organizations may have additional requirements that are specific to them (which would have to be addressed in the agreements/contracts with service providers). Examples of such organization requirements may include special encryption software and secured operation procedures, equipment, knowledgeable personnel and application documentation. Such additional organization specific requirements, if necessary, are generally negotiated on a case-by-case basis and are the subject of detailed contract negotiations between organizations and their ICT DR service providers and are not within the scope of this International Standard. Exclusions This International Standard does not: a) provide any guidance on business continuity management as a whole for organizations; b) take precedence over any laws and regulations, both existing and those in the future; c) have any legal power over the Service Level Agreements (SLAs) included in negotiated contracts between organizations and service providers; d) address requirements, legal or otherwise, governing normal business operations to be adhered to by service providers. Examples of such requirements include detailed regulations covering building and fire safety, occupational health and safety, copyright regulation and prevailing human resource practices; e) provide an exhaustive list, and thus technical security controls are not covered. Readers should refer to ISO/IEC 27001 and ISO/IEC 27002, vendor literature and other technical references, as necessary. Audience This International Standard applies to: a) all organizations requiring the ICT DR services as part of their business (whether in-house and/or outsourced); b) ICT DR service providers in their provision of ICT DR services; c) communities of organizations with reciprocal or mutual arrangements. | |
| language | English | |
| title | ISO ISO/IEC 24762 | num |
| title | Information technology — Security techniques — Guidelines for information and communications technology disaster recovery services - First edition | en |
| type | standard | |
| page | 112 | |
| status | Active | |
| tree | ISO - International Organization for Standardization:;2008 | |
| contenttype | fulltext |