What is a Backup Policy and Procedures?
This document should define the requirements for backups, the protection of that backup data and the testing to ensure the data can be utilised when necessary. There should be sufficient backup facilities to ensure that all important information and software can be recovered after a disaster or media failure.
Why is a Backup Policy and Procedures important?
Creating the policy and following the procedures outlined will give confidence to prospective clients, existing clients and other external stakeholders that your company is following best practice and that their data is safe when they are dealing with you.
It is common now for Cyber Insurance providers to require detailed evidence of the backup processes in place to protect your Company’s data. They will often require the backup data to be held independently from the live data to ensure that a single incident does not impact both the live and backup environment.
ISO 27001 backup Policy and Procedure
InfoSec policies are part of the requirements of the ISO 27001 Certification standard. The Backup Policy and Procedure is one of those ISO 27001 policies required, you can take a look at the full list here.
Section A.12.3.1 of ISO 27001 requires the protection of valuable information against loss and controls in place that mitigate the risk of loss in accordance with a written backup policy
Backup Policy and Procedure Sections
The principles, responsibilities and processes
The information asset register
Testing the recovery of backup data/systems
How does it work?
Select a policy from our library of over 70 policies
Answer simple questions
Our platform generates your bespoke policy
Sign-off and share in seconds
Always aligned with the latest legislation ISO and GDPR Compliance
Some of the companies trusting Adoptech