ISO/IEC 27001 Control 5.30: ICT readiness for business continuity


ICT readiness should be planned, implemented, maintained and tested based on business continuity objectives and ICT continuity requirements.

Necessity of MidPoint

MidPoint is optional for implementation of this control.

Implementation of this control without midPoint is feasible. However, midPoint provides considerable advantages for implementation of this control, making the implementation more efficient and reliable.

Implementation Overview

MidPoint can be used to quickly prepare a replacement system in case of disruption. Pre-configured emergency access control can be used during incident response.

Implementation Details

MidPoint is designed to work with systems (identity resources) that are not constantly available. Operations are retried, a resource can be explicitly configured for maintenance mode, and the synchronization capability can be used to restore data consistency. The provisioning consistency capability of midPoint automatically corrects all inconsistencies it discovers, which can be used to gradually recover from disruption. Auto-scaling capability can provide resilience to unexpected load peaks.

Should there be a need to create a replacement system during disruption, midPoint RBAC mechanisms together with the efficient provisioning engine can be used to quickly and automatically grant access to the replacement system, maintaining appropriate access levels for individual users. For example, midPoint can quickly provision access to a new application if an existing cloud application is disrupted. The midPoint identity repository contains copies of identity data, which can be used to quickly restore the data to any application.

The policy-driven RBAC mechanism can be used to activate pre-configured emergency access control during disruption, providing controlled and panic-free elevation of privileges for incident responders.

Implementation Notes

  • MidPoint has built-in high-availability features.

  • Unavailability of midPoint does not mean unavailability of identity and access management capabilities. MidPoint is designed to provision changes to identity resources, allowing resources to operate independently. Unavailability of midPoint means limitation of identity management capabilities; however, it does not usually limit the operational capabilities of applications.

