|
Initiation responsibility: Head of IT Section, IT Security Management
Implementation responsibility: Staff responsible for the individual IT applications
In order to avoid capacity shortfalls during restricted IT operations, internally and externally available alternatives must be explored.
When studying such alternatives, particular consideration must be given to the technical specifications of the alternative IT system. The compatibility and sufficient capacity (cf. S 6.4 Documentation on the capacity requirements of IT applications) of the alternative IT system are the basic prerequisites for its use.
The primary objective is the internal transfer of IT applications from one IT system to another (e.g. recourse to the development computer in case of failure of the production computer). External alternatives will have to be relied on when it is no longer possible to meet the availability requirements in an economically feasible way.
Alternatives for non IT-specific components should also be considered. In the infrastructure domain, for instance, consideration is to be given to alternatives regarding IT rooms.
Additional controls:
© Copyright
by Bundesamt für Sicherheit in der Informationstechnik |
July 1999 |