A Must For Every Company: The IT Emergency Plan

The implementation of an IT contingency plan makes sense and is a must when it comes to security attacks, but also when the IT infrastructure fails for other reasons. Log4j was the last major IT security gap that affected an extremely large number of companies and their IT infrastructures worldwide. It was necessary to close any data gaps as quickly as possible in order to prevent confidential data from leaking out.

The IT -Emergency plan – a must for companies

Many damage events affecting the IT systems of companies occur unexpectedly and suddenly, for example due to technical faults, fire, flooding or staff absences. It is important to react quickly in order to either completely avert or minimize damage to the company. An IT emergency plan comes into play here as a collection of measures to be taken and instructions on who has to do what in which case.

There are different standards depending on the operating mode , which management and IT managers can use as a guide: The BSI standard 100-4 applies to public sector companies and government agencies. It shows a systematic way to set up effective emergency management in public authorities. The aim is to prepare the institutions in such a way that the most important business processes can be resumed quickly in the event of a failure and the existence of the authority is secured.

The BVSW Digital offers courses and training

For private companies, the international standard ISO 22301 for Business Continuity Management (BCM) application. It focuses on a holistic risk assessment and involves the management levels in operational emergency management. The revised version of the ISO 22301 was in October 2019 presented. It must be implemented within three years from that date. Companies still have about six months to get certified according to the new standard.

Process analysis An IT emergency plan should document all IT systems and not just keep an eye on the pure IT infrastructure. Revenue-generating and thus business-critical processes must be prioritized. The IT emergency planning should therefore start with the recording of the company processes and their importance for the business process.

Evaluation of the processesOnce all necessary processes have been analyzed, the individual processes must be evaluated and prioritized will. One assessment factor for this is the costs that a company incurs should the respective process come to a standstill. In addition, legal obligations and any contractual penalties are included in the passaway calculation.

Constant adjustment An emergency plan must be regularly adjusted to the current procedures and processes. For this purpose, it is necessary to define responsibilities and create the corresponding capacities.

Use of planning software Standard software such as Excel or Word is often used to document IT emergency plans. However, these programs quickly reach their limits due to the many dependencies. The use of special planning software is worthwhile here. There is a suitable solution on the market for every purpose and every budget.

Ensuring availability If the IT is down, the IT emergency plan is used. It is therefore not expedient to store it on a central company server. IT emergency plans in printed form are of no help because they quickly become outdated and it is very difficult to keep them up to date. Instead, the plan should be saved on a notebook that has extensive administrator rights and a charged battery. For safety, this notebook should be kept in a safe.

Rehearsals for emergenciesIn order to be prepared in the event of an IT emergency, it is important to keep your nerve and, as the person responsible, to be well prepared. As with fire alarm drills in the company, an IT emergency plan should also be run through regularly under seemingly real conditions so that weak points are identified and employees have a better sense of security.

NachrichtenJetRead MoreSicherheit, „the, company:, emergency, every, for, must, Nachrichten, plan,

Schlüsseldienst für Mülheim

The IT -Emergency plan – a must for companies

The BVSW Digital offers courses and training

Verfasst von:

Schreibe einen Kommentar Antworten abbrechen