Comments on Standards in Information Security, Disaster Recovery, Business Continuity and Business Resilience
This Chapter looks at some aspects of the private sector approach to resilience. There are a number of ways this can be approached by both business and as a subject. However, over the last twenty years or so, there has been continuous development of an approach related to firstly disaster recovery, then business recovery, then business continuity, and, most recently, a move toward business resilience; which will potentially obsolete all the former. This progression has seen the development of some standards. These have been focused on the regulated businesses. This Chapter charts this journey and ends by comparing a significant number of the different standards now in use. As this book goes to press the new Business Continuity Standard in the UK, BS25999, has been published, which is really the next step in the business continuity industry’s development. As with all Critical Infrastructures, the mission critical elements of a business are almost always related to Information Infrastructures these days. Hence the concentration on standards related to Information Infrastructure. This Chapter reproduces text from articles by the author originally published in Continuity Planning’s online newsletter.
KeywordsAccess Control Information Security Disaster Recovery Information Protection Security Standard
Unable to display preview. Download preview PDF.