AMC1 IS.I.OR.220(c) Information security incidents -- detection, response and recovery

• ED Decision 2023/009/R found in: Information Security (2023/203 and 2022/1645) Part-IS (Jun 2024)

AMC1 IS.I.OR.220(c) Information security incidents — detection, response and recovery ED Decision 2023/009/R When complying with the requirement in [IS.I.OR.220](#_DxCrossRefBm1193569549)(c), the organisation should develop an incident recovery procedure including at least the following: (a)     a list of those assets that enable safe operations, as well as the dependencies among them, constituting the scope of the recovery; (b)     a description of the process with the necessary priority actions to be executed for a return to a safe and secure state for the assets within the scope of the recovery; (c)      the resources required to execute the actions defined in point (b) to ensure that these resources are readily available after an incident has occurred; (d)     the objectives for recovery time that should be set in relation to the safety criticality of the assets within the scope of the recovery.