A standard produced by [[ISO|ISO]] that deals with [[ICT readiness for business continuity|IRBC]]. Referenced within it are the following other standards:
- [[ISO 27035]]
- [[ISO 27000]]
- [[ISO 27001]]
- [[ISO 27002]]
- [[ISO 27005]]
## Clause 5: Overview
### 5.2 Key principles
1. [[incident]] prevention
2. [[incident]] detection
3. [[incident response]]
4. recovery
5. improvement
### 5.3 Elements
1. People
2. Facilities
1. interesting. "The physical environment in which ICT resources are located". Is that still a good definition?
2. Technology:
1. hardware (this standard is showing its age)
2. network, including [[router|routers]]
3. [[software]]
4. data
5. processes
6. suppliers
The point is to address the question "is our ICT capable of responding" and *not* "is our ICT secure"
![[tenor.gif]]