Disaster recovery plans for information and technology (I&T) assets are increasingly essential given system malfunctions, ransomware and other cyberattacks, disruptions from natural disasters, and other threats.
disaster recovery plan
COSO ERM talks about the possible effect of an event on objectives, and in common parlance we are talking about something happening that has an effect on the organization. (COSO thinks of risk as the possibility of that event occurring; ISO talks about risk as the effect of what might happen on objectives.)
Backup and disaster planning should be evaluated as part of an organization’s overall risk management process. There are two elements to disaster planning...