Versions

 

OB-1.1.9

AISPs and PISPs must ensure they have an up to date business continuity plan and arrangements consisting of the following information:

a) a business impact analysis, including the business processes and recovery objectives, such as recovery time objectives, recovery point objectives and protected assets;
b) the identification of the back-up site, access to IT infrastructure, and the key software and data to recover from a disaster or disruption;
c) an explanation of how the licensee will deal with significant continuity events and disruptions, such as the failure of key systems; the loss of key data; the inaccessibility of the premises; and the loss of key persons; and
d) the frequency with which the licensee intends to test the business continuity and disaster recovery plans, including how the results of the testing will be recorded.
Added: December 2018