What is BS ISO/IEC 27031:2011?
BS ISO/IEC 27031 gives best-practice guidelines for information and communication technology (ICT) to ensure business continuity. Since most processes in an organization depend on ICT, disruptions to these systems can lead to huge risks and damage the company’s reputation.
Security breaches, such as system intrusions or malware infections, are two examples of inefficient ICT that can have a serious impact on business-critical functions. By incorporating these guidelines, organizations can improve their management operations, planning processes, data processing and data transmission, while keeping critical documents safe.
How does it work?
BS ISO/IEC 27031 outlines systematic processes to prevent, predict and manage disruptive ICT incidents that can have an impact on business continuity. One of the recommendations includes the Plan-Do-Check-Act cyclical steps as part of the management system. This supports an organization’s continuity by making sure its ICT services are resilient and can be recovered to pre-determined levels within agreed timescales.
Who should buy it?
- Information and communication technology managers
- Information technology managers
- Personnel involved with risk assessment and risk analysis
- Software engineers
- Network engineers and managers
Why BSI?
BSI is a global, independent and trusted service provider to 80,000 businesses. They operate in 147 countries and are the number one certification body in the UK and US.
Why you need the BS ISO/IEC 27031:2011?
The BS ISO/IEC 27031:2011 is a standard methodology for information technology continuity management for large organization. A large number of organizations use this standard to maintain their systems.
Compliance means that the business system is in a position to prevent damages and provide timely recovery and continued business operation in case of an incident. All the main service providers now have a defined set of standards for ensuring resilience and continuity to their ICT systems and the level at which they comply with BS ISO/IEC 27031:2011.
BS ISO/IEC 27031:2011 provides best practice guidance for management systems for information technology. The user can choose any method suitable for the size of the organization concerned and to the level of detail. An organization can choose to incorporate a high or low level of detail, depending on the existing capabilities. The standard also provides flexibility to allow organizations to develop their own capability.
What is included?
The standard provides detailed processes for risk assessment, the identification of business continuity requirements, planning for backup and recovery, verifying testing and implementing the process. The standard also covers the business continuity capability of the ICT function, security management and business impact analysis, border resilience, remote access to critical business services, disaster recovery planning and disaster recovery testing.