Information Security Aspects of Business Continuity Management
Author(s): ALEXANDRU, Alice-Cristiana
Author(s) keywords: business continuity management, disaster recovery, information security
Reference keywords: information security, risk management
Abstract:
Business Continuity Management provides understanding, developing and implementing business and technical processes within the organization, giving confidence in business-to-business and business-to-customer dealings. An important aspect of business continuity management is represented by the Information Security Management System. The main objective of the ISMS is to avoid or mitigate the disruptions to the business activities due to major failures of information system and to protect the critical processes in order to achieve the restoration of the company’s ability to perform the needed services.
References:
[1]. Business Continuity Management: Good Practice Guidelines, Business Continuity Institute, 2002.
[2]. BS 25999-1:2006, Business continuity management – Part 1: Code of practice, British Standards, 2006.
[3]. Business Continuity and Disaster Recovery for IT Professionals, Susan Snedaker, Syngress, 2007.
[4]. BCI Good Practice Guidelines 2010, Business Continuity Institute, 2010.
[5]. ISO/IEC 27001:2005, Information technology – Security techniques – Information security management systems – Requirements, International Organization for Standardization, 2005.
[6]. Insights into the ISO/IEC 27001 Annex A, Dr. David Brewer FBCS, Dr. Michael Nash FBCS, 2010, http://www.gammassl.co.uk/research/ 27001annexAinsights.pdf, accessed November 2014.
[7]. ISO27001 Controls and Objectives, University of Birmingham, https://intranet.birmingham.ac.uk/it/documents/public/Information-Security-Controls-Objectives.pdf, accessed October 2014.
[8]. Business continuity management and planning, https://www.ucisa.ac.uk/~/media/Files/publications/toolkits/ist/ISTEd3_Section_B%20pdf.ash, accessed October 2014.
Article Title: Information Security Aspects of Business Continuity Management
Author(s): ALEXANDRU, Alice-Cristiana
Date of Publication: 2016-12-29
Publication: International Journal of Information Security and Cybercrime
ISSN: 2285-9225 e-ISSN: 2286-0096
Digital Object Identifier: 10.19107/IJISC.2016.02.02
Issue: Volume 5, Issue 2, Year 2016
Section: Advances in Information Security Research
Page Range: 17-24 (8 pages)
Copyright ©2012-2024
The International Journal of Information Security and Cybercrime (IJISC)
All rights reserved
The International Journal of Information Security and Cybercrime is a trademark of the Romanian Association for Information Security Assurance (RAISA).
No part of this publication may be reproduced, stored in a retrieval system, photocopied, recorded or archived, without the written permission from RAISA. When authors submit their papers for publication, they agree that the copyright for their article be transferred to the Romanian Association for Information Security Assurance, if the articles are accepted for publication. The copyright covers the exclusive rights to reproduce and distribute the article, including reprints and translations.