Teams plan to have sufficient capacity to execute important tasks, also during holidays. There is monitoring on the capacity of the team and structural understaffing gets flagged and addressed. There are procedures in case of unplanned absence of team-members to continue with important processes.
Individuals in teams that are the only ones capable of performing specific tasks need to be identified as Single Points of Failure. Team leaders are responsible for identifying these individuals and transferring this knowledge to other employees and procedures. If this knowledge is non-transferable, more capable staff or a retainer with a supplier that can provide this expertise needs to be arranged.
Specification
-
ISO 27001 & 27002:2022
5.2,
A5.1,
A5.31,
A5.32,
A5.33,
A5.34,
A6.3
SURF toetsingskader informatiebeveiliging (NBA-volwassenheidsmodel)
GO.03 Planning / Roadmap
HR.03 Dependance on individuals