ImageVerifierCode 换一换
格式:PDF , 页数:57 ,大小:3.43MB ,
资源ID:682534      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-682534.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(DIN EN ISO 22313-2016 Societal security - Business continuity management systems - Guidance (ISO 22313 2012) German version EN ISO 22313 2014《社会安全 业务连续性管理系统 导则(ISO 22313-2012) 德文版本.pdf)为本站会员(fuellot230)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

DIN EN ISO 22313-2016 Societal security - Business continuity management systems - Guidance (ISO 22313 2012) German version EN ISO 22313 2014《社会安全 业务连续性管理系统 导则(ISO 22313-2012) 德文版本.pdf

1、May 2016 English price group 23No part of this translation may be reproduced without prior permission ofDIN Deutsches Institut fr Normung e. V., Berlin. Beuth Verlag GmbH, 10772 Berlin, Germany,has the exclusive right of sale for German Standards (DIN-Normen).ICS 03.100.01!%SL“2484198www.din.deDIN E

2、N ISO 22313Societal security Business continuity management systems Guidance (ISO 22313:2012);English version EN ISO 22313:2014,English translation of DIN EN ISO 22313:2016-05Sicherheit und Schutz des Gemeinwesens Business Continuity Management Systems Leitlinie (ISO 22313:2012);Englische Fassung EN

3、 ISO 22313:2014,Englische bersetzung von DIN EN ISO 22313:2016-05Scurit socitale Systmes de management de la continuit dactivit Lignes directrices (ISO 22313:2012);Version anglaise EN ISO 22313:2014,Traduction anglaise de DIN EN ISO 22313:2016-05www.beuth.deDocument comprises 57 pagesDTranslation by

4、 DIN-Sprachendienst.In case of doubt, the German-language original shall be considered authoritative.04.16 DIN EN ISO 22313:2016-05 2 A comma is used as the decimal marker. National foreword The text of ISO 22313:2012 has been prepared by Technical Committee ISO/TC 223 “Societal Security” and has be

5、en taken over without any modification as EN ISO 22313:2012 by Technical Committee CEN/TC 391 “Societal and Citizen Security” (Secretariat: NEN, Netherlands). The responsible German body involved in its preparation was DIN-Normenausschuss Feuerwehrwesen (DIN Standards Committee Firefighting and Fire

6、 Protection), Working Committee NA 031-05 FBR Fachbereichsausschuss Sicherheit und Schutz des Gemeinwesens SpA zu ISO/TC 223 Societal security. The terms have been translated into German taking into consideration the terminology standard DIN EN ISO 22300, as well as DIN EN ISO 22301 and the technica

7、l terms commonly used and in deviation from the preferred translations. The following terms also deviate from the preferred translations: The English expression “Business impact analysis (BIA)” has only been partly translated into German (the German term “Analyse” is used instead of the English word

8、 “analysis”) and the English expression “Business continuity management (BCM)” has been taken over completely, because these terms have become established in German as well. “Incident response” has been translated as “Reaktion auf einen Zwischenfall”. However, the expression “Einsatz zur Gefahrenabw

9、ehr” is also used in practice. Correspondingly, “response” has been translated as “Reaktion” or “Gefahrenabwehr”, depending on the context. The DIN Standards corresponding to the International Standards referred to in this document are as follows: ISO 19011 DIN EN ISO 19011 ISO 22300 DIN EN ISO 2230

10、0 ISO 22301 DIN EN ISO 22301 ISO 27002 DIN EN ISO 27002 National Annex NA (informative) Bibliography DIN EN ISO 19011, Guidelines for auditing management systems DIN EN ISO 22300, Societal security - Terminology DIN EN ISO 22301, Societal security Business continuity management systems Requirements

11、DIN ISO/IEC 27002, Information technology Security techniques Code of practice for information security management EUROPEAN STANDARD NORME EUROPENNE EUROPISCHE NORM EN ISO 22313 November 2014 ICS 03.100.01 English Version Societal security - Business continuity management systems - Guidance (ISO 223

12、13:2012) Scurit socitale - Systmes de management de la continuit dactivit - Lignes directrices (ISO 22313:2012) Sicherheit und Schutz des Gemeinwesens - Aufrechterhaltung der Betriebsfhigkeit - Leitlinie (ISO 22313:2012) This European Standard was approved by CEN on 18 October 2014. CEN members are

13、bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to th

14、e CEN-CENELEC Management Centre or to any CEN member. This European Standard exists in three official versions (English, French, German). A version in any other language made by translation under the responsibility of a CEN member into its own language and notified to the CEN-CENELEC Management Cent

15、re has the same status as the official versions. CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuani

16、a, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and United Kingdom. EUROPEAN COMMITTEE FOR STANDARDIZATION C OM I T EUR O P EN DE NOR M AL I S ATI ON EUROPISCHES KOMITEE FR NORMUNG CEN-CENELEC Management Centre: Avenue Marn

17、ix 17, B-1000 Brussels 2014 CEN All rights of exploitation in any form and by any means reserved worldwide for CEN national Members. Ref. No. EN ISO 22313:2014 E Contents PageEuropean foreword .3Introduction 51 Scope 102 Normative references . 103 Terms and definitions 104 Context of the organizatio

18、n 104.1 Understanding of the organization and its context 104.2 Understanding the needs and expectations of interested parties . 114.3 Determining the scope of the management system . 134.4 Business continuity management system 135 Leadership . 135.1 Leadership and commitment 135.2 Management commit

19、ment . 145.3 Policy 145.4 Organizational roles, responsibilities and authorities. 156 Planning 166.1 Actions to address risks and opportunities 166.2 Business continuity objectives and plans to achieve them 167 Support 167.1 Resources 167.2 Competence 177.3 Awareness 197.4 Communication . 207.5 Docu

20、mented information 218 Operation 238.1 Operational planning and control . 238.2 Business impact analysis and risk assessment 268.3 Business continuity strategy 308.4 Establish and implement business continuity procedures 378.5 Exercising and testing 379 Performance evaluation 499.1 Monitoring, measu

21、rement, analysis and evaluation 499.2 Internal audit . 519.3 Management review 5210 Improvement .5310.1 Nonconformity and corrective action 5310.2 Continual improvement . 54Bibliography .552DIN EN ISO 22313:2016-05 EN ISO 22313:2014 (E)Foreword 4European foreword The text of ISO 22313:2012 has been

22、prepared by Technical Committee ISO/TC 223 “Societal security” of the International Organization for Standardization (ISO) and has been taken over as EN ISO 22313:2014 by Technical Committee CEN/TC 391 “Societal and Citizen Security” the secretariat of which is held by NEN. This European Standard sh

23、all be given the status of a national standard, either by publication of an identical text or by endorsement, at the latest by May 2015, and conflicting national standards shall be withdrawn at the latest by May 2015. Attention is drawn to the possibility that some of the elements of this document m

24、ay be the subject of patent rights. CEN and/or CENELEC shall not be held responsible for identifying any or all such patent rights. According to the CEN-CENELEC Internal Regulations, the national standards organizations of the following countries are bound to implement this European Standard: Austri

25、a, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden,

26、 Switzerland, Turkey and the United Kingdom. Endorsement notice The text of ISO 22313:2012 has been approved by CEN as EN ISO 22313:2014 without any modification. 3DIN EN ISO 22313:2016-05 EN ISO 22313:2014 (E)ForewordISO (the International Organization for Standardization) is a worldwide federation

27、 of national standards bodies (ISO member bodies). The work of preparing International Standards is normally carried out through ISO technical committees. Each member body interested in a subject for which a technical committee has been established has the right to be represented on that committee.

28、International organizations, governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.International Standards are drafted in accordance with

29、 the rules given in the ISO/IEC Directives, Part 2.The main task of technical committees is to prepare International Standards. Draft International Standards adopted by the technical committees are circulated to the member bodies for voting. Publication as an International Standard requires approval

30、 by at least 75 % of the member bodies casting a vote.Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO shall not be held responsible for identifying any or all such patent rights.ISO 22313 was prepared by Technical Committee IS

31、O/TC 223, Societal security.4DIN EN ISO 22313:2016-05 EN ISO 22313:2014 (E)IntroductionGeneralThis International Standard provides guidance, where appropriate, on the requirements specified in ISO 22301:2012 and provides recommendations (should) and permissions (may) in relation to them. It is not t

32、he intention of this International Standard to provide general guidance on all aspects of business continuity.This International Standard includes the same headings as ISO 22301 but does not repeat the requirements for business continuity management systems and its related terms and definitions. Org

33、anizations wishing to be informed of these must therefore refer to ISO 22301 and ISO 22300.To provide further clarification and explanation of key points, this International Standard includes a number of figures. All such figures are for illustrative purposes only and the related text in the body of

34、 this International Standard takes precedence.A business continuity management system (BCMS) emphasizes the importance of: understanding the organizations needs and the necessity for establishing business continuity policy and objectives; implementing and operating controls and measures for managing

35、 an organizations overall capability to manage disruptive incidents; monitoring and reviewing the performance and effectiveness of the BCMS; and continual improvement based on objective measurement.A BCMS, like any other management system, includes the following key components:a) a policy;b) people

36、with defined responsibilities;c) management processes relating to:1) policy;2) planning;3) implementation and operation;4) performance assessment;5) management review; and6) improvement.d) a set of documentation providing auditable evidence; ande) any BCMS processes relevant to the organization.Busi

37、ness continuity is generally specific to an organization, however, its implementation can have far reaching implications on the wider community and other third parties. An organization is likely to have external organizations that it depends upon and there will be others that depend on it. Effective

38、 business continuity therefore contributes to a more resilient society.The Plan-Do-Check-Act cycleThis International Standard applies the Plan-Do-Check-Act (PDCA) cycle to planning, establishing, implementing, operating, monitoring, reviewing, maintaining and continually improving the effectiveness

39、of an organizations BCMS.5DIN EN ISO 22313:2016-05 EN ISO 22313:2014 (E)Figure 1 illustrates how the BCMS takes interested parties requirements as inputs for business continuity management (BCM) and, through the required actions and processes, produces business continuity outcomes (i.e. managed busi

40、ness continuity) that meet those requirements.Establish(Plan)Implement and operate(Do)Monitor and review(Check)Maintain and improve(Act)Continual improvement of business continuity management system (BCMS)Interested partiesRequirements for business continuityInterested partiesManaged business contin

41、uityFigure 1 PDCA model applied to BCMS processesTable 1 Explanation of PDCA modelPlan (Establish)Establish business continuity policy, objectives, controls, processes and procedures relevant to improving business continuity in order to deliver results that align with the organizations overall polic

42、ies and objectives.Do (Implement and operate)Implement and operate the business continuity policy, controls, processes and procedures.Check (Monitor and review)Monitor and review performance against business continuity objectives and policy, report the results to management for review, and determine

43、 and authorize actions for remediation and improvement.Act (Maintain and improve)Maintain and improve the BCMS by taking corrective actions, based on the results of management review and re-appraising the scope of the BCMS and business conti-nuity policy and objectives.Components of PDCA in this Int

44、ernational StandardThere is a direct relationship between the content of Figure 1 and the clauses of this International Standard:6DIN EN ISO 22313:2016-05 EN ISO 22313:2014 (E)Table 2 Relationship between PDCA model and Clauses 4 to 10PDCA component Clause addressing PDCA componentPlan (Establish)Cl

45、ause 4 (Context of the organization) sets out what the organization has to do in order to make sure that the BCMS meets its requirements, taking into account all relevant external and internal factors, including: The needs and expectations of interested parties. Its legal and regulatory obligations.

46、 The required scope of the BCMS.Clause 5 (Leadership) sets out the key role of management in terms of demon-strating commitment, defining policy and establishing roles, responsibilities and authorities.Clause 6 (Planning) describes the actions required to establish strategic objec-tives and guiding

47、principles for the BCMS as a whole. These set the context for the business impact analysis and risk assessment (8.2) and business continuity strat-egy (8.3).Clause 7 (Support) identifies the key elements that need to be in place to support the BCMS, namely: resources, competence, awareness, communic

48、ation and docu-mented information.Do (Implement and operate)Clause 8 (Operation) identifies the elements of business continuity management (BCM) that are needed to achieve business continuity.Check (Monitor and review)Clause 9 (Performance evaluation) provides the basis for improvement of the BCMS t

49、hrough measurement and evaluation of its performance.Act (Maintain and improve)Clause 10 (Improvement) covers the corrective action needed to address noncon-formity identified through performance evaluation.Business continuityBusiness continuity is the capability of the organization to continue delivery of products or services at acceptable predefined levels following a disruptive incident. Business continuity management (BCM) is t

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1