The ISO27000 Newsletter - News & Views on the ISO/IEC Security Standard

ISO17799 News - Issue 8

Welcome to the eighth issue of The ISO27000 Newsletter, designed to keep you abreast of news and developments with respect to ISO17799 and information security.

The information contained in this newsletter is absolutely free to our subscribers and provides guidance on various practical issues, plus commentary on recent Information Security incidents. In view of recent events, this issue focuses particularly upon business continuity and disaster recovery.

Included in this issue are the following topics:

Service availability can be described in terms of the time that a specific service will be made available by the supplier to the client, or perhaps stated as a percentage of an elapsed period of time.

For critical services, it is essential to describe the time period in which a specified service is expected to be available, and specifically the minimum percentage amount of time that that service has to be available to satisfy the Client’s minimum level requirements. This is normally achieved through a Service Level Agreement (SLA).

In order to keep the structure of the SLA simple, the information for Service Availability for both Standard and Non-Standard Services is normally included in a separate Schedule Agreement. Within the main body of the SLA the following suggested basic wording or similar is normally used to state that the information is held in the separate Schedule: “The availability, operational reliability and response times of the Services to be delivered under this Agreement are as specified in Schedule C to this Agreement.”

Should this wording not be suitable for either the Supplier or the Client and a decision is taken not to use a separate Schedule for this purpose, then the two parties should obviously agree on an alternative wording and the new wording inserted into the SLA accordingly.

Wherever it is described, however, the availability section is critical. It defines the client’s requirements and expectations, and the supplier’s obligations. Clearly these are vital issues in a business continuity context.

Useful Resources:
General information:
A comprehensive SLA template:




Free subscription is via our online form



Contact Us

© Copyright 2005/2006. RS