AMC1 IS.I.OR.220(c) Information security incidents -- detection, response and recovery

Navigate / EASA

Ask question Discover more Add to collection

AMC1 IS.I.OR.220(c) Information security incidents — detection, response and recovery

ED Decision 2023/009/R

When complying with the requirement in IS.I.OR.220(c), the organisation should develop an incident recovery procedure including at least the following:

(a) a list of those assets that enable safe operations, as well as the dependencies among them, constituting the scope of the recovery;

(b) a description of the process with the necessary priority actions to be executed for a return to a safe and secure state for the assets within the scope of the recovery;

(c) the resources required to execute the actions defined in point (b) to ensure that these resources are readily available after an incident has occurred;

(d) the objectives for recovery time that should be set in relation to the safety criticality of the assets within the scope of the recovery.

Details

Source-Title: AMC1 IS.I.OR.220(c) Information security incidents -- detection, response and recovery View latest amendments

Erulesid: ERULES-1963177438-21770 Compare versions

Domain: Information Security (IS)

Amendedby: Issue 1

Applicabilitydate: 22 February, 2026

Entryintoforcedate: 14 July, 2023

Regulatorysource: ED Decision 2023/009/R Navigate

Regulatorysubject: Part-IS.I.OR

Typeofcontent: AMC to IR (Acceptable means of compliance to implementing rule)

Parentir: IS.I.OR.220 Information security incidents -- detection, response and recovery

Origin: EASA

Category: EAR