Kaddio Policy

Disaster Recovery Policy

This policy outlines how Kaddio AB safeguards service availability, supports our Information Security Management System (ISMS), and follows ISO/IEC 27001:2022 best practices for business continuity and operational resilience.

TL;DR: We prepare for disruptive events with documented recovery objectives, encrypted backups, redundant infrastructure, trained incident responders, regular testing, and transparent customer updates. We follow ISO/IEC 27001:2022 best practices.

Scope and Purpose

This policy covers production systems, supporting infrastructure, and critical tooling. It sits within our business continuity framework, is maintained through change management, and draws on Business Impact Analyses (BIAs) and risk assessments whose results flow into the ISMS risk register and management reviews.

Recovery Objectives

Kaddio maintains documented Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO) for core services. Targets are reviewed at least annually or after material changes and are approved by service owners and the ISMS steering group to stay aligned with contractual and regulatory expectations.

  • RTOs specify the maximum acceptable downtime for each service.
  • RPOs define the maximum acceptable data loss window.
  • Service-specific objectives are aligned with contractual obligations.

Dependencies are mapped so recovery sequencing supports the Business Continuity Plan (BCP), and deviations feed corrective actions through the ISMS continual improvement cycle.

Backup and Restoration

All production data stores follow backup schedules that meet defined RPOs. Backups are encrypted, integrity-checked, stored in separate locations, and accessible only to authorized staff using multi-factor authentication. Service owners review coverage during production launches or retention changes, track gaps through the ISMS risk process, and retain restoration evidence for internal and external reviews.

Infrastructure Resilience

Platform components leverage redundant infrastructure and automated monitoring where feasible. Infrastructure-as-code and version-controlled baselines support rapid recreation and compliance evidence. Critical suppliers are assessed for continuity commitments during onboarding and annual reviews, with mitigations such as caching or alternative providers documented in runbooks when recovery guarantees are limited.

Roles and Responsibilities

The disaster recovery plan assigns incident commanders, technical leads, and communication owners in controlled documentation subject to periodic access reviews. On-call engineers receive incident-response training, escalation guidance, and tabletop practice, with competency records retained to demonstrate control effectiveness.

Testing and Continuous Improvement

Disaster recovery exercises occur at least annually and after major changes, covering technical restoration and communication workflows consistent with ISO/IEC 27001 Annex A guidance. Retrospectives capture RTO/RPO performance, prioritize improvements on the security roadmap, and track corrective actions through the ISMS continual improvement process and internal audits.

Incident Lifecycle

Incident handling follows a lifecycle of detection, assessment, containment, recovery, and closure, supported by monitoring alerts, customer reports, and documented runbooks. Post-incident reviews capture root causes, control effectiveness, and preventive actions that feed the ISMS risk treatment plan and management reporting.

Disaster Recovery Flow Diagram

Communication and Customer Support

Customers receive timely status updates during sustained incidents through agreed channels such as email or status pages. Post-incident reports summarize impact, remediation steps, and follow-up actions.