S 6 Safeguard Catalogue: Contingency Planning

S 6.1 Development of a survey of availability requirements
S 6.2 Definition of "emergency", person-in-charge in an "emergency"
S 6.3 Development of an Emergency Procedure Manual
S 6.4 Documentation on the capacity requirements of IT applications
S 6.5 Definition of "restricted IT operation"
S 6.6 Study of internally and externally available alternatives
S 6.7 Responsibilities in an emergency
S 6.8 Alert plan
S 6.9 Contingency plans for selected incidents
S 6.10 Contingency plans for breakdown of data transmission
S 6.11 Development of a post-incident recovery plan
S 6.12 Emergency preparedness exercises
S 6.13 Development of a data backup plan
S 6.14 Replacement procurement plan
S 6.15 Agreements with suppliers
S 6.16 Taking out insurance
S 6.17 Alert plan and fire drills
S 6.18 Provision of redundant lines
S 6.19 Data backup on PCs
S 6.20 Appropriate storage of backup data media
S 6.21 Backup copy of the software used
S 6.22 Sporadic checks of the restorability of backups
S 6.23 Procedures in the event of computer virus infection
S 6.24 PC emergency floppy disk
S 6.25 Regular backup of the server hard disk
S 6.26 Regular backup of PBX configuration data
S 6.27 Backup of the CMOS RAM
S 6.28 Agreement on the delivery deadlines for "vital" PBX units
S 6.29 PBX base line for emergency calls
S 6.30 Emergency circuit
S 6.31 Procedural patterns following a loss of system integrity
S 6.32 Regular data backup
S 6.33 Development of a data backup policy
S 6.34 Determining the factors influencing data backup
S 6.35 Stipulating data backup procedures
S 6.36 Stipulating a minimal data backup policy
S 6.37 Documenting data backup procedures
S 6.38 Back-up copies of transferred data
S 6.39 Listing dealerships for re-procurement of fax products
S 6.40 Regular battery checks/replacements
S 6.41 Training data reconstruction
S 6.42 Creating start-up disks for Windows NT
S 6.43 Use of redundant Windows NT servers
S 6.44 Data back-up under Windows NT
S 6.45 Data backup under Windows 95
S 6.46 Creating a start-up disk for Windows 95
S 6.47 Storage of backup copies as part of telecommuting
S 6.48 Procedures in case of a loss of database integrity
S 6.49 Data backup in a database
S 6.50 Archiving database
S 6.51 Restoring a database
S 6.52 Regular backup of configuration data of active network components
S 6.53 Redundant arrangement of network components
S 6.54 Procedures in case of a loss of network integrity
S 6.55 Reduction of restart times for Novell Netware servers
S 6.56 Data backup when using cryptographic procedures
S 6.57 Creation of an emergency plan for the failure of the management system
S 6.58 Establishment of a management system for handling security incidents
S 6.59 Specification of responsibilities for dealing with security incidents
S 6.60 Procedural rules and reporting channels for security incidents
S 6.61 Escalation strategy for security incidents
S 6.62 Specifying priorities for handling security incidents
S 6.63 Investigation and assessment of a security incident
S 6.64 Remedial action in connection with security incidents
S 6.65 Notification of the parties affected
S 6.66 Evaluation of security incidents
S 6.67 Use of detection measures for security incidents
S 6.68 Testing the effectiveness of the management system for the handling of security incidents
S 6.69 Contingency planning and operational reliability of fax servers
S 6.70 Creation of a contingency plan for failure of the RAS system
S 6.71 Data backup for a mobile IT system
S 6.72 Precautions relating to mobile phone failures

© Copyright by Bundesamt für Sicherheit in der Informationstechnik 2000

Last Update: October 2000