Hartmut/CapaKraken
1
0
Fork 0
Code Issues 10 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

CDP 35948462: Confirm Business Continuity contractual requirements (app/AI) #4

New Issue
Closed
opened 2026-04-16 08:16:44 +02:00 by Hartmut · 1 comment
Hartmut commented 2026-04-16 08:16:44 +02:00
Owner
Copy Link
Copy Source

CDP Control ID: 35948462
Category: Legal/Contractual
Frequency: Annually
Owner: h.noerenberg
Parent: #1

Requirement & Guidance

Legal/Contractual Requirement: If Business Continuity is required by the contract, confirm that there is a Business Continuity Plan in place, and: Establish clear accountability for shared devices managed by the project team, confirm that physical security is appropriate for those devices, regular inventory of shared devices is being produced, and document process to secure those devices during a business continuity event.Maintain an inventory of high value assets for urgent recovery during business continuity events.Document differences in information security controls and processes between day to day operating locations and business continuity location and obtain client acknowledgment.Confirm that any client-provided mobile devices are encrypted to Accenture standard.Confirm important information (e.g. deliverables or other client data needed to perform services) is being backed up so that in the event of a data loss it can be recovered and services can be resumed with minimal disruption.Review recovery SLAs with client.Review and test recovery processes.If responsible for workstation backup process, confirm backups are not connected permanently to workstations, servers, and networks. Attachments Required: Business Continuity Plan and Evidence of Last Test Conducted on BCP Plan. Guidance: Understand if Business Continuity is contractually mandated by the client. confirm that the engagement has a documented procedure that helps meeting the contractual expectations of client around business continuity and the procedure is tested for feasibility.

**CDP Control ID:** `35948462` **Category:** Legal/Contractual **Frequency:** Annually **Owner:** h.noerenberg **Parent:** #1 ## Requirement & Guidance Legal/Contractual Requirement: If Business Continuity is required by the contract, confirm that there is a Business Continuity Plan in place, and: Establish clear accountability for shared devices managed by the project team, confirm that physical security is appropriate for those devices, regular inventory of shared devices is being produced, and document process to secure those devices during a business continuity event.Maintain an inventory of high value assets for urgent recovery during business continuity events.Document differences in information security controls and processes between day to day operating locations and business continuity location and obtain client acknowledgment.Confirm that any client-provided mobile devices are encrypted to Accenture standard.Confirm important information (e.g. deliverables or other client data needed to perform services) is being backed up so that in the event of a data loss it can be recovered and services can be resumed with minimal disruption.Review recovery SLAs with client.Review and test recovery processes.If responsible for workstation backup process, confirm backups are not connected permanently to workstations, servers, and networks. Attachments Required: Business Continuity Plan and Evidence of Last Test Conducted on BCP Plan. Guidance: Understand if Business Continuity is contractually mandated by the client. confirm that the engagement has a documented procedure that helps meeting the contractual expectations of client around business continuity and the procedure is tested for feasibility.
Hartmut added the cdpsecurity labels 2026-04-16 08:16:44 +02:00
Hartmut commented 2026-04-16 08:18:44 +02:00
Author
Owner
Copy Link
Copy Source

Nicht anwendbar — automatisch geschlossen.

CapaKraken ist aktuell ein internes Tool ohne Vertrag mit Business-Continuity-Klausel. Die Guidance ist explizit konditioniert: “If Business Continuity is required by the contract…” — greift daher nicht.

Falls CapaKraken später extern vermarktet wird und ein BC-Requirement in den Vertrag kommt: Ticket wieder öffnen.

**Nicht anwendbar — automatisch geschlossen.** CapaKraken ist aktuell ein internes Tool ohne Vertrag mit Business-Continuity-Klausel. Die Guidance ist explizit konditioniert: _“If Business Continuity is required by the contract…”_ — greift daher nicht. Falls CapaKraken später extern vermarktet wird und ein BC-Requirement in den Vertrag kommt: Ticket wieder öffnen.
Hartmut added the not-applicable label 2026-04-16 08:18:44 +02:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
cdp
CDP (Client Data Protection) compliance
 epic
Parent/umbrella ticket
 not-applicable
Control does not apply to CapaKraken scope
 security
Security / compliance work
No Label cdp not-applicable security
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
Hartmut
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: Hartmut/CapaKraken#4
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?