Get 2 Documentation Toolkits for the price of 1
Limited-time offer – ends March 28, 2024

Expert Advice Community

Guest

Business Continuity Question

  Quote
Guest
Guest user Created:   Jan 12, 2016 Last commented:   Jan 12, 2016

Business Continuity Question

I was wondering if the Business Continuity Disaster Recovery plan can function as an Availability policy as well. This is to comply with SOC 2.
0 0

Assign topic to the user

ISO 27001 RISK TREATMENT PLAN

Determine responsibilities for the implementation of controls.

ISO 27001 RISK TREATMENT PLAN

Determine responsibilities for the implementation of controls.

Guest
DejanK Jan 12, 2016

I'm not really sure what is required by SOC 2, but in ISO 22301 the Business continuity policy has a very different function from the Business continuity plan, and therefore these two documents are normally separated.

However, merging those two documents is not forbidden in ISO 22301 - therefore you could theoretically do it although it would be a bit strange and impractical.

See also this article: The purpose of Business continuity policy according to ISO 22301 https://advisera.com/27001academy/blog/2013/06/04/the-purpose-of-business-continuity-policy-according-to-iso-22301/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 12, 2016

Jan 12, 2016

Suggested Topics

Guest user Created:   Jun 27, 2023 ISO 27001 & 22301
Replies: 1
0 0

Business Continuity Procedure

Guest user Created:   Aug 18, 2022 ISO 27001 & 22301
Replies: 1
0 0

ISMS and BCMS