• Availability and continuity risks

 

 

Risk Test measure (section number/s)
Connection to the Internet is disrupted:
– At the supplier
– At the interfacing systems (customer)
– At the user devices (customer)
5.5.7
The Internet connection is disrupted at other locations around the world. 5.5.7
The service is partially (not) available. 5.5, 5.9
The offline functionality does not work properly (no synchronization). 5.5.9, 5.6.11
The business process is disrupted by problems with migration:
– Missing data after migration
– Data changed during migration
– Transactions lost during migration
5.7, 5.6.1, 5.9
Data has become unreadable:
– Because of hardware failure
– Because of loss of encryption key
5.5.6, 5.3.4
Data is lost “somewhere.” 5.5.3, 5.9.2
Bankruptcy of the service supplier threatens the continuity of business processes. 5.1.3, 5.9
There is no backup plan. 5.5.8
Responsibility for continuity failure is not clear because multiple suppliers are involved. 5.1.3
There are insufficient agreements in place about availability. 5.1.3