TECHIS60851

Overview

Information security business resilience encompasses business continuity and disaster recovery from information security threats. As well as addressing the consequences of a major security incident, business resilience relates to the ability of an organisation to adapt to a dynamic, changing environment of information security threats and conditions following an incident. Business resilience planning enables organisations to survive and succeed in an increasingly hostile risk, vulnerability and threat conscious environment.

This standard concerns the competencies associated with managing business resilience activities, including disaster recovery and business continuity. This includes identifying and maintaining business continuity and disaster recovery strategies to achieve the maximum response and minimum period of disruption for information systems.
Performance criteria

You must be able to:

1. lead the information security business resilience function in line with organisational needs
2. ensure that business continuity and disaster recovery activities are well planned and fully implemented and tested
3. select business continuity and disaster recovery strategies in line with organisational requirements
4. lead the creation, testing and implementation of disaster recovery and business continuity plans
5. make reasoned decisions on the cost and value of business continuity and disaster recovery provision, negotiating with sponsors, stakeholders and superiors where appropriate
6. coordinate and maintain documentation of business continuity and disaster recovery plans
7. identify the appropriate individuals and their roles in leading and/or executing business continuity and disaster recovery plans and activities
8. design and lead capability gap assessments, based on current and future needs
9. select business continuity and disaster recovery strategies consistent with the organisation's information risk appetite and maximum tolerable period of disruption
10. coordinate and communicate business recovery activities and status in the event of an incident occurring
11. establish and monitor local risk factors and coordinate with IT Risk Management to ensure global alignment
12. advise the information security management team on all issues, trends, and emerging business resiliency best practices, as they relate to information security issues
13. coordinate with senior management on the development of the future roadmap and direction of business continuity and disaster recovery management
14. develop and facilitate training for business continuity and disaster recovery planning and management strategies, standards and procedures
15. provide an on-going review of business continuity and disaster recovery tools, techniques and activities for continuous improvement opportunities
16. design and lead the implementation of new, structured investment proposals to improve information security business continuity and disaster recovery resilience capabilities
17. define business continuity and disaster recovery testing programmes to assess the continued capability of business continuity plans
Knowledge and understanding

You need to know and understand:

1. what impact the consequences of an information security disaster scenario would have on the brand reputation and operational effectiveness of an organisation
2. what the external factors that may impact on disaster recovery activities are, and their implications
3. how to design and develop business continuity and disaster recovery plans that meet the needs of the business and are logistically, technically, and financially feasible
4. what the best practice approaches for business continuity and disaster recovery planning are and how to apply them
5. how to apply information generated by disaster recovery activities in order to determine when and how to return to normal operations
6. where to source best practice in business continuity and disaster recovery activities
7. how to use and apply triggers in order to establish when to invoke a disaster recovery plan
8. how to monitor the alignment of business continuity and disaster recovery activities and their deliverables with all relevant legislation, regulations and external standards
9. the need to manage relationships with sponsors, stakeholders and external bodies and individuals on business continuity and disaster recovery activities, and how to do this
10. how to identify training needs, and where to source training provision
11. what the priorities are for recovering information systems and data assets impacted by a potential disaster, and their relevance to business continuity management
12. who the sponsors and other stakeholders are for business continuity and disaster recovery activities
13. how to communicate business continuity and disaster recovery roles, responsibilities, processes and procedures to individuals, sponsors and other stakeholders
14. the importance of advising and guiding others on all aspects of business continuity and disaster recovery activities and their deliverables
15. how to negotiate with sponsors, stakeholders, external bodies and other individuals on how business continuity and disaster recovery plans must restore information systems and data assets
Developed by: e-skills
Version Number: 1
Date Approved: January 2016
Indicative Review Date: April 2019
Validity: Current
Status: Original
Originating Organisation: The Tech Partnership
Original URN: TECHIS60851
Relevant Occupations: Information and Communication Technology; Information and Communication Technology Officer; Information and Communication Technology Professionals
Suite: Information Security
Keywords: Information security, cyber security, resilience, disaster recovery, business continuity