How to implement ISO 27001 Annex A 8.14 – A certification body's guide

Welcome to our guide on one of the most practical technical controls in the standard. We are ISO27001.com and we help organisations like yours navigate the complexities of certification. Today we are looking at Annex A 8.14, Redundancy of information processing facilities. The name sounds technical but the idea is simple: the systems your business depends on should keep running when a component fails, rather than stopping until someone repairs it.

When you start your journey toward ISO 27001 certification you will quickly learn that availability is a key pillar of information security. It sits right there alongside confidentiality and integrity. This control asks you to identify your critical systems and ensure they have sufficient redundancy to keep working even if a component fails.

Understanding the Core Requirement

The control text is short: information processing facilities should be implemented with redundancy sufficient to meet availability requirements. In practice that means two things. First, you identify the availability requirement for each facility, and from it the redundancy you need. Second, you put the redundant components in place and confirm they actually meet that requirement. In simple terms you need to spot the single points of failure in your technology stack and fix the ones that matter.

This does not mean you need two of everything. That would be expensive and inefficient. Instead you need to look at your business needs. You must decide which systems simply cannot go down and apply resources there. If a server fails you might need a second one ready to take over instantly. If a power supply fails you might need a server with dual power supplies fed from a UPS. The right answer depends entirely on the risks you face and how long the business can tolerate an outage.

Steps to Implement the Control

Implementing this control requires a logical approach. We recommend you follow these steps to satisfy the auditor and protect your business.

Identify Critical Assets

You cannot protect everything so you must prioritise. Look at your asset register. Which servers, applications or network devices are vital for your daily operations? If your email server goes down can you wait a day to fix it? If your main production database fails does your business stop making money immediately? You need to answer these questions first.

Define Your Requirements

Once you know what is critical you must define the level of redundancy needed. This links directly to your business continuity plans. The key question is how quickly a system needs to be back online, which is its recovery time objective (RTO). If the answer is “instantly” then you need a high availability solution with automatic failover. If the answer is “within 24 hours” then a spare part on a shelf and a documented rebuild procedure might be enough. How much data you can afford to lose (the recovery point objective, RPO) is a separate question that backups, rather than redundancy, mainly answer.

Design the Architecture

Now you need to build the solution. For on-premise hardware this might mean buying servers with dual power supplies, or configuring disks in a RAID array. Note that only the mirrored and parity levels (RAID 1, 5, 6 or 10) give you redundancy: RAID 0 stripes data across disks for speed and a single disk failure takes the whole array with it. With a redundant level a failed disk can be replaced while the data stays safe and accessible.

If you use cloud services like AWS or Azure the implementation is different but the principle is the same. You might deploy across multiple availability zones so that if one data centre has an outage your application keeps running from another. Be aware that the failover is only automatic if you configure it that way, for example with a health-checked load balancer in front of instances in more than one zone, or a database service with a multi-zone standby enabled. Simply having an account in a multi-zone region does not make a single server redundant. At ISO27001.com we advise clients to document these architectural decisions clearly, including which components are redundant and which deliberately are not.

Test the Redundancy

This is the step most people forget. You can buy all the spare hardware in the world but it is useless if it does not work when you need it. You must schedule regular tests of your failover mechanisms. Pull the plug on the primary server and confirm that the secondary takes over within the RTO you defined, then record the date, the result and any problems found. Do this in a controlled environment or an agreed maintenance window first so you do not cause an accidental outage.

What the Auditor Expects

As a certification body we look for specific evidence when we audit this control. We do not just take your word for it. We need to see proof that you have thought this through and that your measures work.

We expect to see a clear link between your risk assessment and your redundancy choices. If you say a system is critical but you have no redundancy for it we will raise a non-conformity. We will ask you why you accepted that risk.

We also expect to see records of your testing. You should keep logs that show when you tested your redundant power supplies or your failover clusters. If you use a cloud provider we might ask for your configuration reports that prove you have enabled high availability features.

Common Pitfalls to Avoid

We often see beginners make the mistake of relying solely on backups. Backups are essential but they are not the same as redundancy. Redundancy keeps the service running through a component failure and so addresses your recovery time objective. Backups restore data after it is lost or corrupted and so address your recovery point objective. You normally need both: a mirrored disk or a replicated database will faithfully copy an accidental deletion or a ransomware encryption to the second copy, which only a backup can undo. Do not confuse the two.

Another common mistake is failing to maintain the redundant systems. If your primary server is patched and up to date but your standby server is six months behind, you will have problems when you try to switch over, and you may also have exposed a vulnerable system to the network. The same goes for configuration drift: a firewall rule or certificate updated only on the primary will break the secondary the moment it goes live. Both systems must go through the same patch and change management process.
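The steps above and these two pitfalls can be turned into a repeatable check over your asset register before the auditor does it for you. The following Python script is an added example, not code from ISO27001.com or from the standard. It works over a constructed register embedded in the script; the tier names, the RTO thresholds that map to each tier, the 30-day patch lag and the 180-day test age are assumptions for illustration, and an organisation would take its own values from its business continuity plan.

```python
"""Redundancy gap check over a constructed asset register (added example)."""
from __future__ import annotations

from dataclasses import dataclass
from datetime import date

# Redundancy tiers ordered weakest to strongest. The labels are assumptions
# for this example, not terms defined by ISO 27001.
TIERS = {"none": 0, "cold_spare": 1, "warm_standby": 2, "active_active": 3}


def required_tier(rto_hours: float) -> str:
    """Map a recovery time objective to the weakest tier that can meet it.

    The thresholds are assumptions for illustration; an organisation sets
    its own in the business continuity plan.
    """
    if rto_hours <= 0.25:
        return "active_active"   # "instantly": automatic failover required
    if rto_hours <= 4:
        return "warm_standby"    # pre-built standby, scripted or manual switch
    if rto_hours <= 24:
        return "cold_spare"      # a spare on the shelf plus a rebuild procedure
    return "none"                # tolerable outage, repair is acceptable


@dataclass
class Asset:
    name: str
    critical: bool
    rto_hours: float
    redundancy: str                  # a key of TIERS
    primary_patched: date            # last patch date of the live system
    standby_patched: date | None     # None when there is no standby
    last_failover_test: date | None  # None when never tested


def assess(asset: Asset, today: date, max_test_age_days: int = 180,
           max_patch_lag_days: int = 30) -> list[str]:
    """Return audit findings for one asset; an empty list means no finding."""
    findings: list[str] = []
    needed = required_tier(asset.rto_hours)
    if TIERS[asset.redundancy] < TIERS[needed]:
        findings.append(f"redundancy '{asset.redundancy}' cannot meet RTO of "
                        f"{asset.rto_hours}h (needs at least '{needed}')")
    elif asset.critical and asset.redundancy == "none":
        # Tier is consistent with the RTO, but a critical asset with no
        # redundancy still needs a documented, signed-off risk acceptance.
        findings.append("critical asset with no redundancy: document the risk acceptance")
    if asset.redundancy != "none":
        # Pitfall 2: the standby must be maintained like the primary.
        if asset.standby_patched is None:
            findings.append("no patch record for standby")
        else:
            lag = (asset.primary_patched - asset.standby_patched).days
            if lag > max_patch_lag_days:
                findings.append(f"standby patch level lags primary by {lag} days")
        # Step 4: failover must be tested and the test recorded.
        if asset.last_failover_test is None:
            findings.append("no failover test on record")
        else:
            age = (today - asset.last_failover_test).days
            if age > max_test_age_days:
                findings.append(f"last failover test is {age} days old")
    return findings


def assess_register(assets: list[Asset], today: date) -> dict[str, list[str]]:
    """Return only the assets that have findings, keyed by asset name."""
    report: dict[str, list[str]] = {}
    for asset in assets:
        findings = assess(asset, today)
        if findings:
            report[asset.name] = findings
    return report


# Constructed sample register and reference date, not real systems.
TODAY = date(2024, 6, 1)
REGISTER = [
    Asset("payments-db", True, 0.25, "active_active",
          date(2024, 5, 1), date(2024, 5, 1), date(2024, 3, 15)),
    Asset("mail", True, 24, "cold_spare",
          date(2024, 5, 1), date(2024, 5, 1), None),
    Asset("erp-app", True, 1, "warm_standby",
          date(2024, 5, 20), date(2023, 11, 20), date(2024, 4, 1)),
    Asset("hr-portal", True, 4, "none",
          date(2024, 5, 1), None, None),
    Asset("intranet-wiki", False, 72, "none",
          date(2024, 4, 10), None, None),
]

if __name__ == "__main__":
    for name, findings in assess_register(REGISTER, TODAY).items():
        for finding in findings:
            print(f"{name}: {finding}")
```

Run against the sample register, the payments database passes, the intranet wiki is correctly left alone because its 72-hour RTO needs no redundancy, and the three remaining assets each produce the kind of finding an auditor would raise: no failover test on record, a standby six months behind on patches, and a critical system whose RTO cannot be met without a standby. Feeding the check from your real asset register and running it before each management review gives you the evidence trail the auditor asks for.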

Conclusion

Implementing Annex A 8.14 is about building resilience into your infrastructure. It ensures that hardware failures do not become business disasters. By identifying what matters most and testing your defences you can satisfy the auditor and sleep better at night. If you need more templates or guidance on this topic you can always visit ISO27001.com for resources to help you prepare.