|
Initiation responsibility: Agency/company management
Implementation responsibility: Head of IT Section; Head of Organisational Section; IT Security Management; staff responsible for the individual IT applications
An emergency organisation of limited duration may be required for the period following the occurrence of a damaging incident up to the full restoration of availability.
It is necessary to designate individuals who are authorised to determine the existence of an emergency and who can initiate the appropriate measures in the Contingency Manual (cf. S 6.2 Definition of emergency, person-in-charge in an emergency). The organisational units involved in the implementation of contingency preparedness measures must be authorised to carry out the tasks entrusted to them under their own responsibility. The regulations required to this end must be laid down in writing. Such an "emergency organigram" (organisational chart) must be approved by the agency/company management.
Additional controls:
© Copyright
by Bundesamt für Sicherheit in der Informationstechnik |
July 1999 |