ISO 27301 (Definition)

ISO 27301 is an information and communication technology (ICT) specific Business Continuity standard.

It is intended to provide concepts and principles behind improving the resilience of an organization IT structure to support business continuity objectives. It is intended to cover all types of incident that could have an effect on the availability of the ICT infrastructure and systems, and includes best practices and metrics.

ISO 27301 is notable in that it includes security-related incidents and security incident handling.

See also:

If you are an industry professional, consider subscribing to the free Risky Thinking Newsletter for articles, insights, and commentary on risk, business continuity, and security. It's low volume: we don't send out the newsletter unless there is something interesting to say!

Errors or Omissions? Contact us and let us know!