We noticed you’re not on the correct regional site. Switch to our AMERICAS site for the best experience.
  • ISO/IEC 27031:2011

    Current The latest, up-to-date edition.
    Add to Watchlist
    This Standard has been added successfully to your Watchlist.
    Please visit My Watchlist to see all standards that you are watching.
    Please log in or to add this standard to your Watchlist.
    We could not add this standard to your Watchlist.
    Please retry or contact support for assistance.
    You need to be logged in to add this standard to your Watchlist.
    Please log in now or create an account to add.
    You already added this Product in the Watchlist.

    Information technology Security techniques Guidelines for information and communication technology readiness for business continuity

    Available format(s):  Hardcopy, PDF, PDF 3 Users, PDF 5 Users, PDF 9 Users

    Language(s):  English, French

    Published date:  01-03-2011

    Publisher:  International Organization for Standardization

    Add to Watchlist

    Add To Cart

    Abstract - (Show below) - (Hide below)

    ISO/IEC 27031:2011 describes the concepts and principles of information and comunication technology (ICT) readiness for business continuity, and provides a framework of methods and processes to identify and specify all aspects (such as performance criteria, design, and implementation) for improving an organization's ICT readiness to ensure business continuity. It applies to any organization (private, governmental, and non-governmental, irrespective of size) developing its ICT readiness for business continuity program (IRBC), and requiring its ICT services/infrastructures to be ready to support business operations in the event of emerging events and incidents, and related disruptions, that could affect continuity (including security) of critical business functions. It also enables an organization to measure performance parameters that correlate to its IRBC in a consistent and recognized manner.

    The scope of ISO/IEC 27031:2011 encompasses all events and incidents (including security related) that could have an impact on ICT infrastructure and systems. It includes and extends the practices of information security incident handling and management and ICT readiness planning and services.

    General Product Information - (Show below) - (Hide below)

    Committee ISO/IEC JTC 1/SC 27
    Document Type Standard
    Publisher International Organization for Standardization
    Status Current

    Standards Referenced By This Book - (Show below) - (Hide below)

    18/30346433 DC : 0 BS ISO/IEC 19086-4 - INFORMATION TECHNOLOGY - CLOUD COMPUTING SERVICE LEVEL AGREEMENT (SLA) FRAMEWORK - PART 4: SECURITY AND PRIVACY
    BS ISO/IEC 27037 : 2012 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES FOR IDENTIFICATION, COLLECTION, ACQUISITION, AND PRESERVATION OF DIGITAL EVIDENCE
    15/30268877 DC : 0 BS ISO/IEC 27035-2 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY INCIDENT MANAGEMENT - PART 2: GUIDELINES TO PLAN AND PREPARE FOR INCIDENT RESPONSE
    12/30269414 DC : 0 BS EN 16495 - AIR TRAFFIC MANAGEMENT - INFORMATION SECURITY FOR ORGANISATIONS SUPPORTING CIVIL AVIATION OPERATIONS
    OLF 104 : 2016 INFORMATION SECURITY BASELINE REQUIREMENTS FOR PROCESS CONTROL, SAFETY AND SUPPORT ICT SYSTEMS
    BS ISO 22313 : 2012 SOCIETAL SECURITY - BUSINESS CONTINUITY MANAGEMENT SYSTEMS - GUIDANCE
    INCITS/ISO/IEC 27040 : 2017 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - STORAGE SECURITY
    BS EN ISO/IEC 27037 : 2016 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES FOR IDENTIFICATION, COLLECTION, ACQUISITION AND PRESERVATION OF DIGITAL EVIDENCE (ISO/IEC 27037:2012)
    CSA TELECOM ORGANIZATIONS PACKAGE : 2018 CONSISTS OF CAN/CSA-ISO/IEC 27000:18 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - OVERVIEW AND VOCABULARY; CAN/CSA-ISO/IEC 27001:14, INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - REQUIREMENTS; CAN/CSA-ISO/IEC 27002:15 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR
    CSA ISO/IEC 27035 : 2013 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY INCIDENT MANAGEMENT
    CSA ISO/IEC 27035 : 2013 : R2017 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY INCIDENT MANAGEMENT
    DIN EN ISO 22301 E : 2014 SOCIETAL SECURITY - BUSINESS CONTINUITY MANAGEMENT SYSTEMS - REQUIREMENTS (ISO 22301:2012)
    I.S. EN ISO 22313:2014 SOCIETAL SECURITY - BUSINESS CONTINUITY MANAGEMENT SYSTEMS - GUIDANCE (ISO 22313:2012)
    14/30249803 DC : 0 BS ISO/IEC 27040 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - STORAGE SECURITY
    ISO/IEC 27002:2013 Information technology Security techniques Code of practice for information security controls
    UNE-ISO 22301:2013 Societal security. Business continuity management systems. Requirements
    INCITS/ISO/IEC 27037 : 2014 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES FOR IDENTIFICATION, COLLECTION, ACQUISITION AND PRESERVATION OF DIGITAL EVIDENCE
    BS ISO/IEC 27035 : 2011 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY INCIDENT MANAGEMENT
    11/30168516 DC : 0 BS ISO/IEC 27032 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES FOR CYBERSECURITY
    BS ISO 22301 : 2012 SOCIETAL SECURITY - BUSINESS CONTINUITY MANAGEMENT SYSTEMS - REQUIREMENTS
    CSA ISO/IEC 27002 : 2015 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS
    DIN EN ISO 22301:2014-12 SOCIETAL SECURITY - BUSINESS CONTINUITY MANAGEMENT SYSTEMS - REQUIREMENTS (ISO 22301:2012)
    BS ISO/IEC 27035-2:2016 Information technology. Security techniques. Information security incident management Guidelines to plan and prepare for incident response
    BS EN ISO 22313:2014 SOCIETAL SECURITY - BUSINESS CONTINUITY MANAGEMENT SYSTEMS - GUIDANCE
    UNE-ISO/IEC 27002:2015 Information technology -- Security techniques -- Code of practice for information security controls
    I.S. EN ISO 22301:2014 SOCIETAL SECURITY - BUSINESS CONTINUITY MANAGEMENT SYSTEMS - REQUIREMENTS
    BS ISO/IEC 27035-1:2016 Information technology. Security techniques. Information security incident management Principles of incident management
    BS ISO/IEC 27002 : 2013 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS
    UNE-EN ISO/IEC 27002:2017 Information technology - Security techniques - Code of practice for information security controls (ISO/IEC 27002:2013 including Cor 1:2014 and Cor 2:2015)
    DIN EN ISO/IEC 27040:2016-04 (Draft) INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - STORAGE SECURITY (ISO/IEC 27040:2015)
    BS EN ISO 22301:2014 SOCIETAL SECURITY - BUSINESS CONTINUITY MANAGEMENTSYSTEMS - REQUIREMENTS (ISO 22301:2012)
    DIN EN ISO/IEC 27002 E : 2017 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS (ISO/IEC 27002:2013 INCLUDING COR 1:2014 AND COR 2:2015)
    14/30304350 DC : 0 BS EN ISO 27799 - HEALTH INFORMATICS - INFORMATION SECURITY MANAGEMENT IN HEALTH USING ISO/IEC 27002
    11/30207799 DC : 0 BS ISO/IEC 27037 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES FOR IDENTIFICATION, COLLECTION, ACQUISITION AND PRESERVATION OF DIGITAL EVIDENCE
    BS EN ISO/IEC 27002:2017 (published 2017-03) Information technology. Security techniques. Code of practice for information security controls
    10/30184432 DC : 0 BS ISO/IEC 27035 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY INCIDENT MANAGEMENT
    12/30242445 DC : 0 BS ISO 22398 - SOCIETAL SECURITY - GUIDELINES FOR EXERCISES AND TESTING
    BS ISO 22398:2013 Societal security. Guidelines for exercises
    ISO/IEC TR 27015:2012 Information technology Security techniques Information security management guidelines for financial services
    BS ISO/IEC 27032:2012 Information technology. Security techniques. Guidelines for cybersecurity
    DIN EN ISO/IEC 27002:2017-06 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS (ISO/IEC 27002:2013 INCLUDING COR 1:2014 AND COR 2:2015)
    CAN/CSA-ISO/IEC 27035-2:18 Information technology — Security techniques — Information security incident management — Part 2: Guidelines to plan and prepare for incident response (Adopted ISO/IEC 27035-2:2016, first edition, 2016-11-01)
    ISO/IEC TR 20000-10:2015 Information technology Service management Part 10: Concepts and terminology
    BS EN 16495:2014 AIR TRAFFIC MANAGEMENT - INFORMATION SECURITY FOR ORGANISATIONS SUPPORTING CIVIL AVIATION OPERATIONS
    UNI EN 16495 : 2014 AIR TRAFFIC MANAGEMENT - INFORMATION SECURITY FOR ORGANIZATIONS SUPPORTING CIVIL AVIATION OPERATIONS
    ISO/IEC 27035:2011 Information technology Security techniques Information security incident management
    ISO/IEC 27032:2012 Information technology Security techniques Guidelines for cybersecurity
    ISO/IEC 27037:2012 Information technology Security techniques Guidelines for identification, collection, acquisition and preservation of digital evidence
    DIN EN ISO/IEC 27040 E : 2017 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - STORAGE SECURITY (ISO/IEC 27040:2015)
    DIN EN ISO 22313:2016-05 SOCIETAL SECURITY - BUSINESS CONTINUITY MANAGEMENT SYSTEMS - GUIDANCE (ISO 22313:2012)
    12/30250175 DC : 0 BS ISO/IEC 27036-2 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY FOR SUPPLIER RELATIONSHIPS - PART 2: COMMON REQUIREMENTS
    CSA INFORMATION SECURITY PACKAGE : 2018 CONSISTS OF CAN/CSA-ISO/IEC 27000:18 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - OVERVIEW AND VOCABULARY; CAN/CSA-ISO/IEC 27001:14, INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - REQUIREMENTS; CAN/CSA-ISO/IEC 27002:15 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION
    DIN EN ISO 22313 E : 2016 SOCIETAL SECURITY - BUSINESS CONTINUITY MANAGEMENT SYSTEMS - GUIDANCE (ISO 22313:2012)
    INCITS/ISO/IEC 27002 : 2014 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS
    BS EN ISO 27799:2008 HEALTH INFORMATICS - INFORMATION SECURITY MANAGEMENT IN HEALTH USING ISO/IEC 27002 (ISO 27799:2016)
    CAN/CSA-ISO/IEC 27035-1:18 Information technology — Security techniques — Information security incident management — Part 1: Principles of incident management (Adopted ISO/IEC 27035-1:2016, first edition, 2016-11-01)
    15/30267674 DC : 0 BS ISO/IEC 27035-1 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY INCIDENT MANAGEMENT - PART 1: PRINCIPLES OF INCIDENT MANAGEMENT
    ISO/IEC 27035-2:2016 Information technology Security techniques Information security incident management Part 2: Guidelines to plan and prepare for incident response
    SR 003 391 : 2.1.1 CLOUD STANDARDS COORDINATION PHASE 2; INTEROPERABILITY AND SECURITY IN CLOUD COMPUTING
    I.S. EN ISO/IEC 27037:2016 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES FOR IDENTIFICATION, COLLECTION, ACQUISITION AND PRESERVATION OF DIGITAL EVIDENCE (ISO/IEC 27037:2012)
    I.S. EN ISO/IEC 27002:2017 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS (ISO/IEC 27002:2013 INCLUDING COR 1:2014 AND COR 2:2015)
    I.S. ISO/IEC 27002:2013 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS
    CEI UNI ISO/IEC 27002 : 2014 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS
    ISO 22398:2013 Societal security — Guidelines for exercises
    UNI EN ISO 22301 : 2014 SOCIETAL SECURITY - BUSINESS CONTINUITY MANAGEMENT SYSTEMS - REQUIREMENTS
    ISO 22301:2012 Societal security Business continuity management systems Requirements
    BS ISO/IEC 27040 : 2015 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - STORAGE SECURITY
    EN ISO 22313:2014 SOCIETAL SECURITY - BUSINESS CONTINUITY MANAGEMENT SYSTEMS - GUIDANCE (ISO 22313:2012)
    BS EN ISO/IEC 27040 : 2016 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - STORAGE SECURITY (ISO/IEC 27040:2015)
    UNE-EN ISO 22301:2015 Societal security - Business continuity management systems - Requirements (ISO 22301:2012)
    ISO/IEC 27040:2015 Information technology Security techniques Storage security
    UNI EN ISO 22313 : 2015 SOCIETAL SECURITY - BUSINESS CONTINUITY MANAGEMENT SYSTEMS - GUIDANCE
    UNE-EN ISO 22313:2015 Societal security - Business continuity management systems - Guidance (ISO 22313:2012)
    EN ISO/IEC 27002 : 2017 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS (ISO/IEC 27002:2013 INCLUDING COR 1:2014 AND COR 2:2015)
    EN ISO/IEC 27040 : 2016 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - STORAGE SECURITY (ISO/IEC 27040:2015)
    EN ISO 22301 : 2014 SOCIETAL SECURITY - BUSINESS CONTINUITY MANAGEMENT SYSTEMS - REQUIREMENTS (ISO 22301:2012)
    EN ISO 27799:2016 HEALTH INFORMATICS - INFORMATION SECURITY MANAGEMENT IN HEALTH USING ISO/IEC 27002 (ISO 27799:2016)
    EN ISO/IEC 27037 : 2016 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES FOR IDENTIFICATION, COLLECTION, ACQUISITION AND PRESERVATION OF DIGITAL EVIDENCE (ISO/IEC 27037:2012)
    EN 16495 : 2014 AIR TRAFFIC MANAGEMENT - INFORMATION SECURITY FOR ORGANISATIONS SUPPORTING CIVIL AVIATION OPERATIONS
    BS ISO/IEC 27036-2:2014 Information technology. Security techniques. Information security for supplier relationships Requirements
    ISO/IEC 27035-1:2016 Information technology Security techniques Information security incident management Part 1: Principles of incident management
    PD ISO/IEC TR 20000-10:2015 Information technology. Service management Concepts and terminology
    BIP 2151 : 2012 AUDITING BUSINESS CONTINUITY MANAGEMENT PLANS - ASSESS AND IMPROVE YOUR PERFORMANCE AGAINST ISO 22301
    I.S. EN 16495:2014 AIR TRAFFIC MANAGEMENT - INFORMATION SECURITY FOR ORGANISATIONS SUPPORTING CIVIL AVIATION OPERATIONS
    I.S. EN ISO/IEC 27040:2016 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - STORAGE SECURITY (ISO/IEC 27040:2015)
    ISO/IEC 27036-2:2014 Information technology Security techniques Information security for supplier relationships Part 2: Requirements
    UNI CEI ISO/IEC 27002 : 2014 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS
    ISO 22313:2012 Societal security Business continuity management systems Guidance
    UNE-ISO 22313:2013 Societal security.Business continuity management systems. Guidance

    Standards Referencing This Book - (Show below) - (Hide below)

    ISO/IEC 27001:2013 Information technology — Security techniques — Information security management systems — Requirements
    ISO/IEC 18043:2006 Information technology Security techniques Selection, deployment and operations of intrusion detection systems
    ISO/IEC 27003:2017 Information technology — Security techniques — Information security management systems — Guidance
    ISO/IEC 27004:2016 Information technology — Security techniques — Information security management — Monitoring, measurement, analysis and evaluation
    BS 25999-1(2006) : 2006 BUSINESS CONTINUITY MANAGEMENT - PART 1: CODE OF PRACTICE
    IEC/ISO 31010:2009 Risk management - Risk assessment techniques
    ISO 22301:2012 Societal security Business continuity management systems Requirements
    AS ISO 22301:2020 Security and resilience - Business continuity management systems - Requirements
    ISO/IEC 27002:2013 Information technology Security techniques Code of practice for information security controls
    AS/NZS ISO/IEC 20000.10:2019 Information technology - Service management Concepts and vocabulary
    ISO/IEC TR 18044:2004 Information technology Security techniques Information security incident management
    ISO/IEC 20000-1:2011 Information technology Service management Part 1: Service management system requirements
    ISO/IEC 20000-2:2012 Information technology Service management Part 2: Guidance on the application of service management systems
    ISO/IEC 27005:2011 Information technology Security techniques Information security risk management
    ISO 9000:2015 Quality management systems Fundamentals and vocabulary
    ISO/IEC 27000:2016 Information technology Security techniques Information security management systems Overview and vocabulary
    ISO/IEC 24762:2008 Information technology Security techniques Guidelines for information and communications technology disaster recovery services
    AS ISO 22313:2020 Security and resilience - Business continuity management systems - Guidance on the use of ISO 22301
    • Access your standards online with a subscription

      Features

      • Simple online access to standards, technical information and regulations
      • Critical updates of standards and customisable alerts and notifications
      • Multi - user online standards collection: secure, flexibile and cost effective