General

This International Standard describes the basic practices which ICT DR service providers, both in-house and outsourced, should consider.

It covers the requirements that service providers should meet, recognizing that individual organizations may have additional requirements that are specific to them (which would have to be addressed in the agreements/contracts with service providers). Examples of such organization requirements may include special encryption software and secured operation procedures, equipment, knowledgeable personnel and application documentation. Such additional organization specific requirements, if necessary, are generally negotiated on a case-by-case basis and are the subject of detailed contract negotiations between organizations and their ICT DR service providers and are not within the scope of this International Standard.