
ISO/PAS 22399:2007

Title:

Societal security - Guidelines for incident preparedness and operational continuity management

Publisher:

ISO (TC 223)

Published:

December 2007 - withdrawn on 25.11.2013 (withdrawn stage 95.99)

Description:

Guidance for incident management

1 Scope

2 Normative references

3 Terms and definitions

4 General

5 Policy

5.1 Establishing the program

5.2 Defining program scope

5.3 Management leadership and commitment

5.4 Policy development

5.5 Policy review

5.6 Organizational structure for implementation

6 Planning

6.1 General

6.2 Legal and other requirements

6.3 Risk assessment and impact analysis

6.4 Hazard, risk, and threat identification

6.5 Risk assessment

6.6 Impact analysis

6.7 Incident preparedness and operational continuity management programs

7 Implementation and operation

7.1 Resources, roles, responsibility and authority

7.2 Building and embedding IPOCM in the organization's culture

7.3 Competence, training and awareness

7.4 Communications and warning

7.5 Operational control

7.6 Finance and administration

8 Performance assessment

8.1 System evaluation

8.2 Performance measurement and monitoring

8.3 Testing and exercises

8.4 Corrective and preventive action

8.5 Maintenance

8.6 Internal audits and self assessment

9 Management review

Annex A (informative) Impact analysis procedure

Annex B (informative) Emergency response management program

Annex C (informative) Continuity management program

Annex D (informative) Building an incident preparedness and operational continuity culture

Certification:

No certification of BCM according to ISO 22399 is possible

Source:

ISO
