Audit and Assurance

Industry standards for IT Disaster Recovery and Cyber Security

  • 1.  Industry standards for IT Disaster Recovery and Cyber Security

    Posted 21 Aug, 2019 09:41
    Hi all

    I am looking to obtain some publicly-available literature on industry standards for IT Disaster Recovery and Cyber Security.

    For Cyber Security, I am considering using ISO 27001 as an initial reference point.  Would people agree?  If so, where is the best place to source further information as regards ISO 27001 audit programmes?

    For IT Disaster Recovery (as opposed to Business Continuity), Google searches are showing up a number of different ISO standards:

    • ISO 27031
    • ISO 22301
    • ISO 24762

    My sense is that ISO 24762 is the most relevant or best option but I wanted to see what others thought.  Also, similar to the above, where is the best place to source further information as regards ISO 27001 audit programmes?

    Thanks

    David

    ------------------------------
    David Spollen
    Director, IT Risk
    ------------------------------


  • 2.  RE: Industry standards for IT Disaster Recovery and Cyber Security

    Posted 22 Aug, 2019 08:36
    Hi David

    You are on the right track; you may also look at
    • https://drii.org
    • https://www.thebci.org
    • https://www.nist.gov/cyberframework
    • ISO/IEC 27007:2017 Information technology -- Security techniques -- Guidelines for information security management systems auditing


    Regards,
    Xerxes


    ------------------------------
    Xerxes Philip Kiok Kan
    Head of Security and Controls
    ------------------------------