|
Initiation responsibility: Head of IT Section, IT Security Management
Implementation responsibility: Head of IT Section; staff responsible for the individual IT applications
To provide against possible failure of parts of the IT system, it should be examined whether restricted IT operations are required or feasible. In order to allow as many IT applications as possible in case of restricted IT operations, the capacity requirements of each IT application must be confined to the necessary level (cf. S 6.4 Documentation on the capacity requirements of IT applications).
For restricted IT operations, it must be determined which IT application will be operated with what priority. This is to be laid down in writing.
Manual substitute techniques can be a suitable means of reducing the availability requirements of an IT procedure. However, the resources required for the use of a manual alternative technique (forms, paper lists, microfiches) must be kept on hand for this purpose.
Additional controls:
© Copyright
by Bundesamt für Sicherheit in der Informationstechnik |
July 1999 |