Posted by: Robert Davis
Backup, BCM, BCP, Business Continuity, Crisis Management, Disaster Recovery, DRP, Information Security Governance, Information Security Service Management, Information Technology Service Management, ISG, ISSM, ITSM, Service Delivery, Service Disruption, Threat Management
Where accepted as a managerial responsibility, an adequate ISG program should have security professionals participating in system life cycle design, acquisition, testing, and maintenance phases to ensure business continuity as well as availability requirements are appropriately incorporated, that selected contingency configuration items function as intended and that deployed service restoration features are not compromised during maintenance.
As synthesized sub-frameworks, Information Technology Service Management (ITSM) and Information Security Service Management (ISSM) promote entity information technology and information security units actively identifying services customers need; then focusing on planning and delivering defined services to meet availability as well as continuity requirements. Internally and externally; IT and/or information security units should manage accepted service-level agreements (SLAs) to meet agreed-upon service restoration targets.
“View Part I of the Business Continuity and IT Availability series here“