NF ISO/IEC 27031

NF ISO/IEC 27031

December 2014
Standard Cancelled

Information technology - Security techniques - Guidelines for information and communication technology readiness for business continuity

ISO/IEC 27031:2011 describes the concepts and principles of information and comunication technology (ICT) readiness for business continuity, and provides a framework of methods and processes to identify and specify all aspects (such as performance criteria, design, and implementation) for improving an organization's ICT readiness to ensure business continuity. It applies to any organization (private, governmental, and non-governmental, irrespective of size) developing its ICT readiness for business continuity program (IRBC), and requiring its ICT services/infrastructures to be ready to support business operations in the event of emerging events and incidents, and related disruptions, that could affect continuity (including security) of critical business functions. It also enables an organization to measure performance parameters that correlate to its IRBC in a consistent and recognized manner.The scope of ISO/IEC 27031:2011 encompasses all events and incidents (including security related) that could have an impact on ICT infrastructure and systems. It includes and extends the practices of information security incident handling and management and ICT readiness planning and services.

See more
View the extract
Main informations

Collections

National standards and national normative documents

Publication date

December 2014

Number of pages

46 p.

Reference

NF ISO/IEC 27031

ICS Codes

35.030   IT Security

Classification index

Z74-007

Print number

1

International kinship

ISO/IEC 27031:2011
Sumary
Information technology - Security techniques - Guidelines for information and communication technology readiness for business continuity

ISO/IEC 27031:2011 describes the concepts and principles of information and comunication technology (ICT) readiness for business continuity, and provides a framework of methods and processes to identify and specify all aspects (such as performance criteria, design, and implementation) for improving an organization's ICT readiness to ensure business continuity. It applies to any organization (private, governmental, and non-governmental, irrespective of size) developing its ICT readiness for business continuity program (IRBC), and requiring its ICT services/infrastructures to be ready to support business operations in the event of emerging events and incidents, and related disruptions, that could affect continuity (including security) of critical business functions. It also enables an organization to measure performance parameters that correlate to its IRBC in a consistent and recognized manner.

The scope of ISO/IEC 27031:2011 encompasses all events and incidents (including security related) that could have an impact on ICT infrastructure and systems. It includes and extends the practices of information security incident handling and management and ICT readiness planning and services.

Standard replaced by (1)
NF ISO/IEC 27031
July 2025
Standard Current
Cybersecurity - Information and communication technology readiness for business continuity

Table of contents
  • Avant-propos
    v
  • Introduction
    vi
  • 1 Domaine d'application
    1
  • 2 Références normatives
    1
  • 3 Termes et définitions
    2
  • 4 Abréviations
    3
  • 5 Généralités
    4
  • 6 Planification PTCA
    9
  • 7 Mise en oeuvre et exploitation
    16
  • 8 Suivi et revue
    22
  • 9 Amélioration de la PTCA
    30
  • Annexe A (informative) PTCA et jalons lors d'une perturbation
    31
  • Annexe B (informative) Système intégré à haute disponibilité
    33
  • Annexe C (informative) Évaluation des scénarios de défaillance
    34
  • Annexe D (informative) Développement des critères de performance
    36
  • Bibliographie
    37
ZOOM ON ... the Requirements department
To comply with a standard, you need to quickly understand its issues in order to determine its impact on your activity.

The Requirements department helps you quickly locate within the normative text:
- mandatory clauses to satisfy,
- non-essential but useful clauses to know, such as permissions and recommendations.

The identification of these types of clauses is based on the document “ISO / IEC Directives, Part 2 - Principles and rules of structure and drafting of ISO documents ”as well as on a constantly enriched list of verbal forms.

With Requirements, quickly access the main part of the normative text!

With Requirements, quickly access the main part of the normative text!
New: UPSELL service
- The UPSELL service allows you to easily update one of your standards.
- With a single click, add a new language, the Requirements or Redline+ service and add one or more additional users.
- Whether you are in the process of acquiring a standard or it is already available in your personal space, the UPSELL service is available at every stage to help you understand it and implement it within your organization.
Need to identify, monitor and decipher standards?

COBAZ is the simple and effective solution to meet the normative needs related to your activity, in France and abroad.

Available by subscription, CObaz is THE modular solution to compose according to your needs today and tomorrow. Quickly discover CObaz!

Request your free, no-obligation live demo

I discover COBAZ