ICT Service Continuity Management & ISO 27031
In today’s highly competitive, information-led world, organisations are increasingly dependent on information and communications technology (ICT) to meet their demanding objectives and keep their stakeholders happy.
Hence ICT Managers, in their capacity as custodians of IT systems and services and communications technology, must ensure the maximum uptime possible.
ICT Service Continuity, as the name suggests, is the discipline used by ICT Managers to keep systems and services available to end users no matter what bad things may occur. From loss of a single server, or critical component, through to a devastating loss of the corporate data centre these events can have serious consequences for the organisation’s health if key systems and services cannot be restored within acceptable time frames.
Resilience to failure means not just the ability to be able to recover systems and services quickly. It also means trying to prevent the bad things happening in the first place. Eliminating single points of failure, where practical and cost-justified, is only one focus area for ICT Service Continuity. Having disaster recovery strategies aligned with the business need, fully supported by response plans and technical procedures is essential. Of course, these strategies need to be tested regularly and staff must be trained in how to effect a recovery.
At Teed we have hands on experience of ICT management so we understand the pressures ICT Managers are under to ensure continuity of service. We also understand the requirements of standards and best practice, including ITIL, ISO 27001, BS ISO 22301 / 22313 and BS ISO/IEC 27031. Taken together we can help ICT Managers maximise uptime and ensure they are prepared for the worst.
BS ISO/IEC 27031 Information technology - Cybersecurity - Information and communication technology readiness for business continuity
This International Standard describes the concepts and principles of information and communication technology (ICT) readiness for business continuity (IRBC) and provides a framework of methods and processes to identify and specify aspects for improving an organization's ICT readiness to ensure business continuity.
It applies to any organisation (private, governmental, and non-governmental, irrespective of size) developing its ICT readiness for business continuity (IRBC) programme, and requiring its ICT services/infrastructures to be ready to support business operations in the event of emerging events and incidents, and related disruptions, that could affect continuity (including security) of critical business functions. It also enables an organisation to measure performance parameters that correlate to its IRBC in a consistent and recognised manner.
As part of the BCM process, IRBC refers to a management system which complements and supports an organisation's BCM and/or ISMS program, to improve the readiness of the organisation to:
- Respond to the constantly changing risk environment
- Ensure continuation of critical business operations supported by the related ICT services
- Be ready to respond before an ICT service disruption occurs, upon detection of one or a series of related events that become incidents
- To respond and recover from incidents/disasters and failures.
Teed works with clients to assist them in implementing their IRBC programme aligned to the international standard. The case study on the left of this page provides a insight into how we helped our client bring their IRBC project to fruition.
- Date: 19th September 2023