>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

OPS-06Data Protection and Recovery - Concept

>Control Description

Policies and instructions for data backup and recovery are documented, communicated and provided in accordance with SP-01 regarding the following aspects. • The extent and frequency of data backups and the duration of data retention are consistent with the contractual agreements with the cloud customers and the Cloud Service Provider's operational continuity requirements for Recovery Time Objective (RTO) and Recovery Point Objective (RPO); • Data is backed up in encrypted, state-of-the-art form; • Access to the backed-up data and the execution of restores is performed only by authorised persons; and • Tests of recovery procedures (cf. OPS-08). Additional criteria: -

Ask AI

Configure your API key to use AI features.