AMC1
IS.I.OR.220(c) Information security incidents — detection, response and
recovery
ED Decision 2023/009/R
When complying with the requirement in IS.I.OR.220(c), the organisation should develop an incident recovery procedure including at least the following:
(a) a list of those assets that enable safe operations, as well as the dependencies among them, constituting the scope of the recovery;
(b) a description of the process with the necessary priority actions to be executed for a return to a safe and secure state for the assets within the scope of the recovery;
(c) the resources required to execute the actions defined in point (b) to ensure that these resources are readily available after an incident has occurred;
(d) the objectives for recovery time that should be set in relation to the safety criticality of the assets within the scope of the recovery.
Loading collections...