|
PR.DS-11.2: The reliability and integrity of backups shall be verified and tested regularly.
|
http://cyfun.data.gift/data/requirement_PR_DS_11_2
|
19 |
|
PR.DS-11.3: The organisation shall maintain secure backups of business-critical data in a separate storage location to ensure data availability in case of system failure or data loss. Backup storage shall apply equivalent security controls as the primary environment.
|
http://cyfun.data.gift/data/requirement_PR_DS_11_3
|
19 |
|
PR.DS-11.4: The organisation shall regularly verify the integrity and recoverability of backups through coordinated testing with all relevant continuity and incident response func- tions. Backup testing shall be integrated into broader resilience planning, including business continuity, disaster recovery, and cyber incident response.
|
http://cyfun.data.gift/data/requirement_PR_DS_11_4
|
17 |
|
PR.DS-11.5: is an evolution — not a repetition — of PR.DS-11.3 and PR.DS-11.4. While the earlier controls focus on where and how backups are stored and verified, PR.DS-11.5 focuses on what is being backed up and how it is logically separated to optimise recovery: · PR.DS-11.3 ensures backups are secure and stored separately. · PR.DS-11.4 ensures backups are tested and integrated into recovery planning. · PR.DS-11.5 ensures functional separation between system and data backups to enable faster, more targeted recovery.
|
http://cyfun.data.gift/data/requirement_PR_DS_11_5
|
17 |
|
PR.DS-11: Backups of data are created, protected, maintained, and tested
|
http://cyfun.data.gift/data/nist_subcategory_PR_DS_11
|
5 |
|
PR.DS-11: Backups of data are created, protected, maintained, and tested
|
http://cyfun.data.gift/data/subcategory_PR.DS-11
|
25 |
|
PR.DS: Data Security
|
http://cyfun.data.gift/data/category_PR.DS
|
27 |
|
PR.DS: Data Security
|
http://cyfun.data.gift/data/nist_category_PR_DS
|
5 |
|
PR.IR-01.1: Firewalls shall be installed, configured, and actively maintained on all networks used by the organisation to protect against unauthorised access and cyber threats.
|
http://cyfun.data.gift/data/requirement_PR_IR_01_1
|
26 |
|
PR.IR-01.2: To safeguard critical systems, organisations shall implement network segmentation and segregation aligned with trust boundaries and asset criticality, thereby limiting threat propagation and enforcing strict access control
|
http://cyfun.data.gift/data/requirement_PR_IR_01_2
|
23 |
|
PR.IR-01.3: To ensure operational stability and security, the organisation shall, without exception, identify, document, and control connections between components of its critical systems.
|
http://cyfun.data.gift/data/requirement_PR_IR_01_3
|
21 |
|
PR.IR-01.4: The organisation shall implement appropriate boundary protection measures to monitor and control communications at external and key internal boundaries of its critical systems, across both IT and OT environments, to ensure secure and reliable operations.
|
http://cyfun.data.gift/data/requirement_PR_IR_01_4
|
21 |