ISPOL-100-audio-01

Introduction to Information Security Policy 100, Business Continuity Management ISPOL 100 supports Intel’s continuation of operations and quick recovery when core business is impacted by natural disaster, fire, or other adverse events or disastrous situations that could take systems offline or impact workplaces. Through partnership with the corporate business continuity program, this information security policy outlines high level information security and business continuity management controls that align to the compliance requirements of the corporate business continuity program and framework. ISPOL 100 helps ensure that information security continuity is built into corporate business continuity activities and requirements. The policy does not impose any new requirements. It simply aligns the existing corporate business continuity requirements to Information Security related controls and responsibilities. Some examples of corporate business continuity activities that must align with information security policies are data backups and the protection of business continuity related systems and information assets. ISPOL 100 also defines the responsibilities of the corporate business continuity program and individual business groups. These responsibilities align with the expectations of the corporate program. Some Some examples of the responsibilities of the corporate business continuity program include: Establishing corporate level or global business continuity requirements Annual reporting to executive management Participating in audits And providing business-level support for related activities This policy also includes some of the existing existing responsibilities currently practiced by business groups, including: Assigning an oversight body or roles and responsibilities Putting a documented plan in place that is maintained, tested, and drilled. And conforming to both IT Information Security policies as well as corporate business continuity program requirements Lastly, ISPOL 100 provides clarification on the presence of information security in business continuity requirements and activities, which includes: Business continuity requirements must align with IT Information Security policies whenever those requirements address information security. The sustainability of information security controls must be embedded into the development and implementation of business continuity. And ISPOL 100 outlines IT Information Security responsibilities related to business continuity. Those responsibilities include: partnering with the corporate program to ensure information security controls are consistent with Intel’s current business continuity landscape, maintaining ISPOL 100 and related standards or procedures, and providing a solution for managing business continuity compliance. To learn more about IT Information Security’s solution for managing business continuity compliance, visit goto/ContinuityCompliance Information Security Policy 100, Business Continuity Management, ensures that information security is embedded into this core practice. This helps Intel build resilience and increases our chances of responding to unexpected events or disasters more effectively and safeguarding Intel. This and other updated Information Security Policies, supporting documents, and our improved policy portal should make it easier for you to locate and understand our corporate information security requirements. They can be found on our corporate policy repository, Policy Central. Visit goto/InfoSecPolicies to learn more or ask questions. Thank you for your help to keep Intel secure!