Direct links from the subject.
| Property | Value |
|---|---|
|
The subject is an instance of a class. |
|
|
The subject is an instance of a class. |
An idea or notion; a unit of thought. |
|
A human-readable name for the subject. |
ID.IM-04.1: Contingency and continuity plans shall be established, communicated, maintained, tested, validated, and improved. |
|
ID.IM-04.1 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_IMPORTANT_E_p58 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_ESSENTIAL_E_p79 |
|
|
Relates a concept to a concept that is more general in meaning. |
|
|
A general note, for any purpose. |
<div><p>The goal of this control is to ensure organisational resilience by establishing, maintaining, and improving contin- gency and continuity plans that enable effective response and recovery from disruptions. To achieve this goal, the organisation should:</p><ul><li>Establish Comprehensive Plans Plans should include:<ul><li>Incident Response Plan (IRP)</li><li>Business Continuity Plan (BCP)</li><li>Disaster Recovery Plan (DRP) These should address operational disruptions, data breaches, and mission-critical failures.</li></ul></li><li>Define Clear Plan Content Plans should include:<ul><li>Contact and communication details</li><li>Roles, responsibilities, and authorities (aligned with GV.RR-02.1)</li><li>Procedures for common scenarios</li><li>Criteria for prioritisation, escalation, and decision-making IRPs should cover detection, containment, response, and recovery from cyber incidents.</li></ul></li><li>Communicate and Train Plans should be communicated to all relevant personnel. A Crisis Management Team should be established with representatives from key departments (e.g. IT, legal, HR, PR) and trained to act during crises.</li><li>Maintain and Review Plans Plans should be reviewed at least annually or after major changes or incidents. Updates should reflect lessons learned and evolving risks.</li><li>Test and Validate Regularly Plansshouldbetestedthroughrealisticscenarios.Validationshouldconfirmthatproceduresworkasintended and meet operational needs. Results should be documented.</li><li>Continuously Improve Feedback from tests, incidents, and reviews should drive improvements. Enhancements should be prioritised based on risk and impact to ensure continuity of essential functions.</li><li>See also: Policy templates available on www.cyfun.eu</li></ul></div> |
|
A general note, for any purpose. |
The goal of this control is to ensure organisational resilience by establishing, maintaining, and improving contin- gency and continuity plans that enable effective response and recovery from disruptions. To achieve this goal, the organisation should: - Establish Comprehensive Plans Plans should include: - Incident Response Plan (IRP) - Business Continuity Plan (BCP) - Disaster Recovery Plan (DRP) These should address operational disruptions, data breaches, and mission-critical failures. - Define Clear Plan Content Plans should include: - Contact and communication details - Roles, responsibilities, and authorities (aligned with GV.RR-02.1) - Procedures for common scenarios - Criteria for prioritisation, escalation, and decision-making IRPs should cover detection, containment, response, and recovery from cyber incidents. - Communicate and Train Plans should be communicated to all relevant personnel. A Crisis Management Team should be established with representatives from key departments (e.g. IT, legal, HR, PR) and trained to act during crises. - Maintain and Review Plans Plans should be reviewed at least annually or after major changes or incidents. Updates should reflect lessons learned and evolving risks. - Test and Validate Regularly Plansshouldbetestedthroughrealisticscenarios.Validationshouldconfirmthatproceduresworkasintended and meet operational needs. Results should be documented. - Continuously Improve Feedback from tests, incidents, and reviews should drive improvements. Enhancements should be prioritised based on risk and impact to ensure continuity of essential functions. - See also: Policy templates available on www.cyfun.eu |
|
A general note, for any purpose. |
The goal of this control is to ensure organisational resilience by establishing, maintaining, and improving contin- gency and continuity plans that enable effective response and recovery from disruptions. To achieve this goal, the organisation should: - Establish Comprehensive Plans Plans should include: - Incident Response Plan (IRP) - Business Continuity Plan (BCP) - Disaster Recovery Plan (DRP) These should address operational disruptions, data breaches, and mission-critical failures. - Define Clear Plan Content Plans should include: - Contact and communication details - Roles, responsibilities, and authorities (aligned with GV.RR-02.1) - Procedures for common scenarios - Criteria for prioritisation, escalation, and decision-making IRPs should cover detection, containment, response, and recovery from cyber incidents. - Communicate and Train Plans should be communicated to all relevant personnel. A Crisis Management Team should be established with representatives from key departments (e.g. IT, legal, HR, PR) and trained to act during crises. - Maintain and Review Plans Plans should be reviewed at least annually or after major changes or incidents. Updates should reflect lessons learned and evolving risks. - Test and Validate Regularly Plansshouldbetestedthroughrealisticscenarios.Validationshouldconfirmthatproceduresworkasintended and meet operational needs. Results should be documented. - Continuously Improve Feedback from tests, incidents, and reviews should drive improvements. Enhancements should be prioritised based on risk and impact to ensure continuity of essential functions. - See also: Policy templates available on www.cyfun.eu |
|
A general note, for any purpose. |
The goal of this control is to ensure organisational resilience by establishing, maintaining, and improving contin- gency and continuity plans that enable effective response and recovery from disruptions. To achieve this goal, the organisation should: • Establish Comprehensive Plans Plans should include: o Incident Response Plan (IRP) o Business Continuity Plan (BCP) o Disaster Recovery Plan (DRP) These should address operational disruptions, data breaches, and mission-critical failures. • Define Clear Plan Content Plans should include: o Contact and communication details o Roles, responsibilities, and authorities (aligned with GV.RR-02.1) o Procedures for common scenarios o Criteria for prioritisation, escalation, and decision-making IRPs should cover detection, containment, response, and recovery from cyber incidents. • Communicate and Train Plans should be communicated to all relevant personnel. A Crisis Management Team should be established with representatives from key departments (e.g. IT, legal, HR, PR) and trained to act during crises. • Maintain and Review Plans Plans should be reviewed at least annually or after major changes or incidents. Updates should reflect lessons learned and evolving risks. • Test and Validate Regularly Plansshouldbetestedthroughrealisticscenarios.Validationshouldconfirmthatproceduresworkasintended and meet operational needs. Results should be documented. • Continuously Improve Feedback from tests, incidents, and reviews should drive improvements. Enhancements should be prioritised based on risk and impact to ensure continuity of essential functions. • See also: Policy templates available on www.cyfun.eu |
|
A notation, also known as classification code, is a string of characters such as "T58.5" or "303.4833" used to uniquely identify a concept within the scope of a given concept scheme. |
ID.IM-04.1 |
|
skos:prefLabel, skos:altLabel and skos:hiddenLabel are pairwise disjoint properties. |
Contingency and continuity plans |
|
A resource has no more than one value of skos:prefLabel per language tag, and no more than one value of skos:prefLabel without language tag. |
Contingency and continuity plans shall be established, communicated, maintained, tested, validated, and improved. |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
http://cyfun.data.gift/data/CyFun2025_delta_BASIC_to_IMPORTANT |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
1 |
|
|
The number of triples associated with the subject. |
22 |
|
Specifies the dataset the subject is part of. |
Resultaten 1 - 24 of 24
Inverse links to the subject.
| Property | Subject |
|---|---|
|
Relates a concept to a concept that is more specific in meaning. |
Resultaten 1 - 1 of 1