BS 7799/ISO 17799
Redundancy - Is it mandatory ? Dec 20 2007 07:17AM
iso 27000 (is27001 gmail com) (3 replies)
RE: Redundancy - Is it mandatory ? Dec 20 2007 09:18AM
Andreas Rauer (Andreas Rauer helpag de) (1 replies)
RES: Redundancy - Is it mandatory ? Dec 20 2007 03:23PM
Leandro Takegami (ltakegami msccruzeiros com br)
Re: Redundancy - Is it mandatory ? Dec 20 2007 07:34AM
Kosala Atapattu (kosala atapattu gmail com)
Re: Redundancy - Is it mandatory ? Dec 20 2007 07:29AM
K K Mookhey (kkmookhey gmail com) (1 replies)
Redundancy is not mandatory. In fact, your mitigating controls - the
SLA and the historical data to support your link uptime - do seem to
be quite effective. Your ISO 27001 audit won't fail, but the
consultant does have a valid point - link redundancy (of a lower
bandwidth) would be a worthwhile idea if your business does depend so
much on the link.

K. K. Mookhey
Principal Consultant
NII Consulting
Web: http://www.niiconsulting.com
Mobile (India): +919820049549
Mobile (GCC): +97339754742
Tel: +91-22-2839 2628

AuditPro - Comprehensive policy-based security auditing
http://www.niiconsulting.com/products/auditpro.html

On Dec 20, 2007 12:47 PM, iso 27000 <is27001 (at) gmail (dot) com [email concealed]> wrote:
> Hi,
>
> We are in the process of getting ready for ISO 27001.
>
> We have an Internet link . Lot of our business has dependency on
> Internet link being up.
>
> The ISO consultant helping us has been insisting that I buy a spare
> router and get a backup Internet link. That obviously means I need to
> put some money.
>
> I am not convinced about this need because
>
> - Last 4 years the router has not failed. I am convinced about its resilience
>
> - Internet link service provider has been meeting his SLAs consistently
>
> My question is
>
> - Is the ISO 27001 auditor going to question my above conviction. Is
> redundancy a mandatory requirement or can I document that as an
> acceptable risk[ or something else]?
>

[ reply ]
RE: Redundancy - Is it mandatory ? Dec 20 2007 08:59AM
Craig Wright (Craig Wright bdo com au)


 

Privacy Statement
Copyright 2010, SecurityFocus