Benchmark: 1635.12b1Organizational.2-12.b 12.01 Information Security Aspects of Business Continuity Management
Description
Information security aspects of business continuity are (i) based on identifying events (or sequence of events) that can cause interruptions to the organization's critical business processes (e.g., equipment failure, human errors, theft, fire, natural disasters acts of terrorism); (ii) followed by a risk assessment to determine the probability and impact of such interruptions, in terms of time, damage scale and recovery period; (iii) based on the results of the risk assessment, a business continuity strategy is developed to identify the overall approach to business continuity; and (iv) once this strategy has been created, endorsement is provided by management, and a plan created and endorsed to implement this strategy.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-azure-compliance
Start the Powerpipe server:
steampipe service startpowerpipe server
Open http://localhost:9033 in your browser and select 1635.12b1Organizational.2-12.b 12.01 Information Security Aspects of Business Continuity Management.
Run this benchmark in your terminal:
powerpipe benchmark run azure_compliance.benchmark.hipaa_hitrust_v92_1635_12b1organizational
Snapshot and share results via Turbot Pipes:
powerpipe benchmark run azure_compliance.benchmark.hipaa_hitrust_v92_1635_12b1organizational --share
Controls
- Azure Key Vault Managed HSM should have purge protection enabled
- Key vaults should have deletion protection enabled