This standard specifies the disaster recovery requirements for cloud computing platforms in the financial field, including disaster recovery capability grading, disaster recovery plan and exercise, organization management, monitoring management, and supervision management and other contents of cloud computing platform.
This standard is applicable to cloud service providers, cloud service users, cloud service partners, etc. in the financial field.
2 Normative references
The following documents for the application of this document are essential. Any dated reference, just dated edition applies to this document. For undated references, the latest edition of the normative document (including any amendments) applies.
GB/T 20988-2007 Information security technology - Disaster recovery specifications for information systems
GB/T 22240-2008 Information security technology - Classification guide for classified protection of information systems security
GB/T 30146-2013 Social security - Business continuity management systems - Requirements
JR/T 0044-2008 Management specification of information system disaster recovery for banks
JR/T 0166-2018 Financial application specification of cloud computing technology - Technical architecture
3 Terms and definitions
For the purposes of this document, the terms and definitions defined in JR/T 0166-2018 and the following apply.
3.1
disaster
emergency incidents which manually or naturally cause major failure or breakdown of information system or severe damage to its data, thereby make the business functions supported by information system stop or the service level decrease to an unacceptable degree, and last for certain time
