{"id":1179,"date":"2025-12-15T18:32:21","date_gmt":"2025-12-15T15:32:21","guid":{"rendered":"https:\/\/isocerthub.com\/?p=1179"},"modified":"2025-12-15T18:45:57","modified_gmt":"2025-12-15T15:45:57","slug":"kak-standarty-iso-22301-i-27035-pomogayut-sootvetstvovat-trebovaniyam-dora","status":"publish","type":"post","link":"https:\/\/isocerthub.com\/ro\/kak-standarty-iso-22301-i-27035-pomogayut-sootvetstvovat-trebovaniyam-dora\/","title":{"rendered":"How the ISO 22301 and 27035 standards help meet DORA requirements"},"content":{"rendered":"<div data-elementor-type=\"wp-post\" data-elementor-id=\"1179\" class=\"elementor elementor-1179\" data-elementor-post-type=\"post\">\n\t\t\t\t<div class=\"elementor-element elementor-element-659db77a e-flex e-con-boxed e-con e-parent\" data-id=\"659db77a\" data-element_type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-cc28ce4 elementor-widget elementor-widget-text-editor\" data-id=\"cc28ce4\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! 
elementor - v3.21.0 - 15-04-2024 *\/\n.elementor-widget-text-editor.elementor-drop-cap-view-stacked .elementor-drop-cap{background-color:#69727d;color:#fff}.elementor-widget-text-editor.elementor-drop-cap-view-framed .elementor-drop-cap{color:#69727d;border:3px solid;background-color:transparent}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap{margin-top:8px}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap-letter{width:1em;height:1em}.elementor-widget-text-editor .elementor-drop-cap{float:left;text-align:center;line-height:1;font-size:50px}.elementor-widget-text-editor .elementor-drop-cap-letter{display:inline-block}<\/style>\t\t\t\t<!-- wp:paragraph -->\n<p>Companies from Kazakhstan, Uzbekistan, Georgia and Kyrgyzstan increasingly work with European banks, fintech partners and marketplaces, which means they also face DORA's digital resilience requirements. The good news is that you do not have to reinvent the wheel to align with DORA. Two practical standards, ISO 22301 and ISO\/IEC 27035, cover a large part of the regulator's expectations through clear processes and roles.<\/p>\n<!-- \/wp:paragraph --><!-- wp:heading -->\n<h2 class=\"wp-block-heading\">What DORA expects from a business, in plain terms<\/h2>\n<!-- \/wp:heading --><!-- wp:paragraph -->\n<p>DORA (Digital Operational Resilience Act) focuses not on security \u201con paper\u201d but on a company's ability to withstand IT failures and cyber incidents, recover quickly and manage contractor-related risks. 
In practice, what is usually checked is whether:<\/p>\n<!-- \/wp:paragraph --><!-- wp:list -->\n<ul class=\"wp-block-list\"><!-- wp:list-item -->\n<li>there is a managed model of ICT and continuity risks;<\/li>\n<!-- \/wp:list-item --><!-- wp:list-item -->\n<li>you know how to detect, classify and analyse incidents;<\/li>\n<!-- \/wp:list-item --><!-- wp:list-item -->\n<li>you carry out testing and exercises;<\/li>\n<!-- \/wp:list-item --><!-- wp:list-item -->\n<li>you control critical suppliers (cloud, outsourcing, data centres).<\/li>\n<!-- \/wp:list-item --><\/ul>\n<!-- \/wp:list --><!-- wp:paragraph -->\n<p>If we picture the business as an airline, DORA wants to see not only the seat belt (the policies) but also crew training, checklists, black boxes and regular aircraft inspections.<\/p>\n<!-- \/wp:paragraph --><!-- wp:heading -->\n<h2 class=\"wp-block-heading\">ISO 22301: the framework of business continuity in line with DORA requirements<\/h2>\n<!-- \/wp:heading --><!-- wp:paragraph -->\n<p><img fetchpriority=\"high\" decoding=\"async\" class=\"alignright wp-image-1183 size-medium\" src=\"http:\/\/isocerthub.com\/wp-content\/uploads\/2025\/12\/dora-incidents-risks-300x200.webp\" alt=\"DORA, incidents and risks\" width=\"300\" height=\"200\" srcset=\"https:\/\/isocerthub.com\/wp-content\/uploads\/2025\/12\/dora-incidents-risks-300x200.webp 300w, https:\/\/isocerthub.com\/wp-content\/uploads\/2025\/12\/dora-incidents-risks-1024x683.webp 1024w, https:\/\/isocerthub.com\/wp-content\/uploads\/2025\/12\/dora-incidents-risks-768x512.webp 768w, https:\/\/isocerthub.com\/wp-content\/uploads\/2025\/12\/dora-incidents-risks-18x12.webp 18w, 
https:\/\/isocerthub.com\/wp-content\/uploads\/2025\/12\/dora-incidents-risks-930x620.webp 930w, https:\/\/isocerthub.com\/wp-content\/uploads\/2025\/12\/dora-incidents-risks.webp 1536w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/>ISO 22301 builds a business continuity management system (BCMS): from risk analysis and BIA to recovery plans and regular exercises. This directly helps cover DORA's requirements for resilience and service restoration.<\/p>\n<!-- \/wp:paragraph --><!-- wp:paragraph -->\n<p>Before implementing procedures, it is important to establish clearly what exactly you are protecting and how much downtime is acceptable. In ISO 22301 this is formalised through key artefacts:<\/p>\n<!-- \/wp:paragraph --><!-- wp:list -->\n<ul class=\"wp-block-list\"><!-- wp:list-item -->\n<li>BIA (Business Impact Analysis): which processes are critical, what dependencies exist (people, IT, suppliers), what the consequences of an interruption are;<\/li>\n<!-- \/wp:list-item --><!-- wp:list-item -->\n<li>RTO\/RPO: the target recovery time and the acceptable data loss;<\/li>\n<!-- \/wp:list-item --><!-- wp:list-item -->\n<li>continuity strategies: redundancy, alternate sites, manual procedures;<\/li>\n<!-- \/wp:list-item --><!-- wp:list-item -->\n<li>response and recovery plans: who does what, in what order, how to communicate with customers and partners;<\/li>\n<!-- \/wp:list-item --><!-- wp:list-item -->\n<li>exercises and tests: so that the plan works not only in a presentation.<\/li>\n<!-- \/wp:list-item --><\/ul>\n<!-- \/wp:list --><!-- wp:paragraph -->\n<p>After this, you have a manageable basis for training in business continuity management, 
and for demonstrating maturity to partners\/auditors.<\/p>\n<!-- \/wp:paragraph --><!-- wp:paragraph -->\n<p>More details on the structure and application of the standard are <a href=\"https:\/\/isocerthub.com\/ro\/iso-223012019\/\">here<\/a>.<\/p>\n<!-- \/wp:paragraph --><!-- wp:heading -->\n<h2 class=\"wp-block-heading\">ISO\/IEC 27035: order in the response to cyber incidents<\/h2>\n<!-- \/wp:heading --><!-- wp:paragraph -->\n<p>If ISO 22301 answers the question \u201chow to keep operating when everything breaks\u201d, then ISO\/IEC 27035 answers \u201chow to handle an incident properly and what conclusions to draw\u201d. For DORA this is critical, because the regulator expects discipline: identification \u2192 assessment \u2192 response \u2192 recovery \u2192 improvement.<\/p>\n<!-- \/wp:paragraph --><!-- wp:paragraph -->\n<p>The standard helps build an information security incident management system in which there is no chaos of chats and calls to \u201csomeone in IT\u201d, but clear roles, criteria and metrics. 
A system of this kind usually includes:<\/p>\n<!-- \/wp:paragraph --><!-- wp:list -->\n<ul class=\"wp-block-list\"><!-- wp:list-item -->\n<li>rules for detecting and recording events (SOC\/logging\/help desk);<\/li>\n<!-- \/wp:list-item --><!-- wp:list-item -->\n<li>classification and prioritisation (what counts as a serious incident);<\/li>\n<!-- \/wp:list-item --><!-- wp:list-item -->\n<li>response scenarios (ransomware, data leak, account compromise, DDoS);<\/li>\n<!-- \/wp:list-item --><!-- wp:list-item -->\n<li>communication and escalation (management, lawyers, PR, partners);<\/li>\n<!-- \/wp:list-item --><!-- wp:list-item -->\n<li>post-incident review: causes, lessons learned, corrective actions.<\/li>\n<!-- \/wp:list-item --><\/ul>\n<!-- \/wp:list --><!-- wp:paragraph -->\n<p>And yes, this is exactly the information security incident management that saves money and nerves: the faster you contain the problem, the smaller the downtime and the reputational damage.<\/p>\n<!-- \/wp:paragraph --><!-- wp:paragraph -->\n<p>ISO\/IEC 27035 implementation in practice: <a href=\"https:\/\/isocerthub.com\/ro\/iso-iec-27035-effektivnoye-upravleniye-intsidentami-informatsionnoy-bezopasnosti-s-too-sistem-menedzhment\/\">in more detail.<\/a><\/p>\n<!-- \/wp:paragraph --><!-- wp:heading -->\n<h2 class=\"wp-block-heading\">How ISO 22301 and ISO 27035 together ensure compliance with DORA's key operational resilience requirements<\/h2>\n<!-- \/wp:heading --><!-- wp:paragraph -->\n<p>Each standard is strong on its own, and together they provide the combination \u201cresilience + response\u201d:<\/p>\n<!-- \/wp:paragraph --><!-- wp:list -->\n<ul class=\"wp-block-list\"><!-- wp:list-item -->\n<li>ISO 22301 defines the critical services, the acceptable 
downtime and the recovery scenarios.<\/li>\n<!-- \/wp:list-item --><!-- wp:list-item -->\n<li>ISO\/IEC 27035 defines the cyber incident response mechanism, which is often also the trigger for continuity plans.<\/li>\n<!-- \/wp:list-item --><!-- wp:list-item -->\n<li>DORA requires regular verification of readiness, and both standards rely on exercises, tests and the improvement cycle.<\/li>\n<!-- \/wp:list-item --><\/ul>\n<!-- \/wp:list --><!-- wp:paragraph -->\n<p>After implementation, the company gains a \u201ccommon language\u201d between business, IT and security, and there are fewer situations in which one department considers an incident \u201cinsignificant\u201d while another is already losing customers.<\/p>\n<!-- \/wp:paragraph --><!-- wp:heading -->\n<h2 class=\"wp-block-heading\">A quick implementation plan for companies in the region<\/h2>\n<!-- \/wp:heading --><!-- wp:paragraph -->\n<p>To avoid getting lost in documents, start pragmatically. 
The System Management team usually recommends the following path:<\/p>\n<!-- \/wp:paragraph --><!-- wp:list -->\n<ul class=\"wp-block-list\"><!-- wp:list-item -->\n<li>carry out a short gap analysis against DORA and current practices;<\/li>\n<!-- \/wp:list-item --><!-- wp:list-item -->\n<li>describe critical services and dependencies (BIA, RTO\/RPO);<\/li>\n<!-- \/wp:list-item --><!-- wp:list-item -->\n<li>launch the incident response process: roles, classification, playbooks;<\/li>\n<!-- \/wp:list-item --><!-- wp:list-item -->\n<li>link the response to the recovery plans (who activates BCP\/DR and when);<\/li>\n<!-- \/wp:list-item --><!-- wp:list-item -->\n<li>run an exercise (table-top) and document the improvements.<\/li>\n<!-- \/wp:list-item --><\/ul>\n<!-- \/wp:list --><!-- wp:paragraph -->\n<p>This delivers a quick effect: even a single well-run exercise often identifies bottlenecks better than months of discussion.<\/p>\n<!-- \/wp:paragraph --><!-- wp:paragraph -->\n<p>If you work with financial partners in the EU or want to prepare in advance for requests from customers and auditors, System Management can help you build the processes, deliver the training and prepare the evidence base for review.<\/p>\n<!-- \/wp:paragraph -->\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"<p>Companies from Kazakhstan, Uzbekistan, Georgia and 
Kyrgyzstan increasingly work with European banks, fintech partners and marketplaces, which means they face DORA's digital resilience requirements. The good news: to get along with DORA, you do not need to reinvent the wheel. 
Two practical standards, ISO 22301 and ISO\/IEC 27035, cover most of the regulator's expectations through clear processes and&hellip;&nbsp;<a href=\"https:\/\/isocerthub.com\/ro\/kak-standarty-iso-22301-i-27035-pomogayut-sootvetstvovat-trebovaniyam-dora\/\" class=\"\" rel=\"bookmark\">Read more &raquo;<span class=\"screen-reader-text\">How the ISO 22301 and 27035 standards help meet DORA requirements<\/span><\/a><\/p>","protected":false},"author":2,"featured_media":1182,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"neve_meta_sidebar":"","neve_meta_container":"","neve_meta_enable_content_width":"","neve_meta_content_width":0,"neve_meta_title_alignment":"","neve_meta_author_avatar":"","neve_post_elements_order":"","neve_meta_disable_header":"","neve_meta_disable_footer":"","neve_meta_disable_title":"","footnotes":""},"categories":[12],"tags":[],"class_list":["post-1179","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-12"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/isocerthub.com\/ro\/wp-json\/wp\/v2\/posts\/1179","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/isocerthub.com\/ro\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/isocerthub.com\/ro\/wp-json\/wp\/v2\/types\/post"}],"author":[{"
embeddable":true,"href":"https:\/\/isocerthub.com\/ro\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/isocerthub.com\/ro\/wp-json\/wp\/v2\/comments?post=1179"}],"version-history":[{"count":4,"href":"https:\/\/isocerthub.com\/ro\/wp-json\/wp\/v2\/posts\/1179\/revisions"}],"predecessor-version":[{"id":1187,"href":"https:\/\/isocerthub.com\/ro\/wp-json\/wp\/v2\/posts\/1179\/revisions\/1187"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/isocerthub.com\/ro\/wp-json\/wp\/v2\/media\/1182"}],"wp:attachment":[{"href":"https:\/\/isocerthub.com\/ro\/wp-json\/wp\/v2\/media?parent=1179"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/isocerthub.com\/ro\/wp-json\/wp\/v2\/categories?post=1179"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/isocerthub.com\/ro\/wp-json\/wp\/v2\/tags?post=1179"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}