371新加内容,ISO/IEC 27002: 2013描述如下内容
Implementation guidance
Organizations should identify business requirements for the availability of information systems. Where the availability cannot be guaranteed using the existing systems architecture, redundant components or architectures should be considered.
Where applicable, redundant information systems should be tested to ensure the failover from one component to another component works as
intended.
组织宜识别信息系统可用性的业务要求。如果用现有的系统架构不能保证可用性,那么应考虑冗余组件或架构。若合适,宜测试冗余的信息系统以确保从一个组件到另一个组件能预期工作。
Other information
The implementation of redundancies can introduce risks to the integrity or confidentiality of information and information systems, which need to be considered when designing information systems.
实施冗余能导致信息与信息系统的完整性或保密性风险,这在设计信息系统时候需要考虑。