nvt
Application (D)DoS Protection
The application has taken application level steps to prevent Denial of Service attacks such as caching where possible, rate limiting and designing functionality to be non-blocking. This includes protecting API...
Rollback Procedure
Major changes and/or migrations that could have potential impact on the availability of the IT service have a rollback procedure and a step-by-step plan for the change documented beforehand and...
Emergency Power
Emergency power to IT equipment is available or a hot-site connected to a separate power source is available.
DDoS Network Protections
Network of IT services must be hardened against Distributed Denial of Service (DDoS) attacks. Services are configured to avoid participating in DDoS attacks. There is a documented procedure in the...
Team capacity monitoring
Teams plan to have sufficient capacity to execute important tasks, also during holidays. There is monitoring on the capacity of the team and structural understaffing gets flagged and addressed. There...
Remote Wipe of Organizational Data
Description It is possible for organisational data to be deleted from devices remotely by a device management system, if they actively make a connection or based on an interval without...
Offline backup
All critical backup media, documentation and other IT resources needed for IT recovery, and business continuity plans are stored offsite. The content of backup storage is determined after collaboration between...
Datacenter uptime
Data centres used in the processing of information take appropriate measures to guarantee continued uptime.
Backup procedure
For every system a documented backup procedure is available with values for the RPO (Recovery Point Objective, maximum tolerable amount of data that can be lost) and RTO (Recovery Time...