CobiT definition:
The need for providing continuous IT services requires developing, maintaining and testing IT continuity plans, utilising offsite backup storage and providing periodic continuity plan training. An effective continuous service process minimises the probability and impact of a major IT service interruption on key business functions and processes.
Control over the IT process of
Ensure continuous service
that satisfies the business requirement for IT of
ensuring minimal business impact in the event of an IT service interruption
by focusing on
building resilience into automated solutions and developing, maintaining and testing IT continuity plans
is achieved by
- Developing and maintaining (improving) IT contingency
- Training on and testing IT contingency plans
- Storing copies of contingency plans and data at offsite locations
and is measured by
- Number of hours lost per user per month due to unplanned outages
- Number of business-critical processes relying on IT not covered by the IT continuity plan
Control objectives:
DS4 Ensure Continuous Service
DS4.1 IT Continuity Framework
DS4.2 IT Continuity Plans
DS4.3 Critical IT Resources
DS4.4 Maintenance of the IT Continuity Plan
DS4.5 Testing of the IT Continuity Plan
DS4.6 IT Continuity Plan Training
DS4.7 Distribution of the IT Continuity Plan
DS4.8 IT Services Recovery and Resumption
DS4.9 Offsite Backup Storage
DS4.10 Post-resumption Review
Check out the links for details on the control objectives.
Related posts:
- AI4 Enable Operation and Use CobiT definition: Knowledge about new systems is made available. This process requires the production of documentation and manuals for users...
- DS1 Define and Manage Service Levels CobiT definition: Effective communication between IT management and business customers regarding services required is enabled by a documented definition of...
- PO8 Manage Quality CobiT definition: A QMS is developed and maintained that includes proven development and acquisition processes and standards. This is enabled...
- AI7 Install and Accredit Solutions and Changes CobiT definition: New systems need to be made operational once development is complete. This requires proper testing in a dedicated...
- PO9 Assess and Manage IT Risks CobiT definition: A risk management framework is created and maintained. The framework documents a common and agreed-upon level of IT...
