USA
Select regional store:

Cyber Resilience Framework 3: Respond and Recover

Framework 3

The third element of IT Governance’s Cyber Resilience Framework addresses the need to manage incidents quickly and effectively to limit harm and return to full functionality.


It should cover:

  • Incident response management 

    ICT services are resilient in the event of disaster and can be recovered within timescales agreed with senior management.  

  • ICT (information and communication technology) continuity management  

    Plans, defined roles, training, communications, and management oversight for quickly discovering an incident and effectively containing the damage, eradicating the threat, and restoring the integrity of affected network and systems. There are agreed thresholds and timescales for recovering ICT functions following an incident. 

  • Business continuity management 

    Measures for identifying the risk of exposure to internal and external threats, and for dealing with major disruptions like cyber attacks, floods and supply failures.  

  • Information sharing and collaboration 

    Threat and vulnerability information is shared among suppliers, partners, industry bodies, and authorities to enhance the collective ability to proactively detect, prevent, mitigate, respond to, and recover from cybersecurity incidents. 

The extent to which you implement these measures will depend on your own environment and compliance requirements.

4: Govern and assure >>

This website uses cookies. View our cookie policy
Save on
Training