Data Security Standard 7 - Continuity planning


This guidance relates to the 2023-24 (version 6) standard.


Overview

A continuity plan is in place to respond to threats to data security, including significant data breaches or near misses, and it is tested once a year as a minimum, with a report to senior management.

Standard 7, National Data Guardian (NDG) review

A business continuity exercise is run every year as a minimum, with guidance and templates available from the toolkit.

Those in key roles will receive dedicated training, so as to make judicious use of the available materials, ensuring that planning is modelled around the needs of their own business.

There should be a clear focus on enabling senior management to make good decisions, and this requires genuine understanding of the topic, as well as the good use of plain English.

Business continuity lifecycle

The business continuity lifecycle is a continuous cycle of:

  • analysis
  • solution
  • implementation
  • testing and acceptance
  • maintenance

Please refer to the further note on professional judgement, auditing and UK GDPR.


Last edited: 28 September 2023 11:07 am