Critical Systems Segregation – Simple But Effective Technology Risk Management

Critical systems are defined as systems where a service failure or security breach has the potential to materially impact the Company’s business operations, reputation, or profitability, or systems which involve customer information. Ringfencing critical systems is a simple but effective TRM measure.

In identifying the critical systems, a company must look at the systems used to keep a customer’s entire transactional journey operational (each a “Critical System” running its respective “Critical Function”).

Critical Functions Segregation

To ring-fence each Critical Function, each Critical Function shall be operated by a single independent Critical System, such as a separate computer. This ensures that if a Critical System operating a Critical Function were to fail, the CEO will be able to identify the malfunction quickly. Critical Function segregation also facilitates Core Process Segregation.

In Core Process Segregation, the operational code of Critical Systems is kept intentionally simple. Each Critical System is coded for a specific purpose and to execute a specific function. This prevents the hardware from being used for computing processes that are outside its coded purpose. Each Critical System shall only carry out 3 basic computing processes (each a “Core Process”):

  1. the core computing process for that Critical Function;
  2. a monitoring process to monitor and observe the performance of the Critical System and whether more than these selected computing processes are running; and
  3. an alert and notification computing process for when the Critical System is not functioning within its intended values or is computing a process outside its Core Processes.

This also makes it easy for the CEO to detect whenever a Critical System is computing a process that is not core to its intended function, so that the CTO or CEO can shut down an alien process and secure the execution of critical processing code.
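The monitoring and alert processes described above can be sketched as an allowlist check over a process listing. This is an added example, not code from the original article; the host, the executable paths, the OS baseline set and the sample listing are all constructed assumptions.

```python
# Assumed allowlist for a hypothetical payments host: the three Core
# Processes, keyed by executable path, plus the OS baseline the host needs.
CORE_PROCESSES = {
    "/opt/payments/bin/settle": "core function",
    "/opt/payments/bin/monitor": "monitoring",
    "/opt/payments/bin/alerter": "alerting",
}
OS_BASELINE = {"/usr/lib/systemd/systemd", "/usr/sbin/sshd"}

# Constructed sample process listing: PID, user, executable path.
SAMPLE_SNAPSHOT = """\
  PID USER     EXE
    1 root     /usr/lib/systemd/systemd
  612 root     /usr/sbin/sshd
  901 payments /opt/payments/bin/settle
  902 payments /opt/payments/bin/monitor
 1377 www-data /tmp/.cache/kworker
"""

def parse_snapshot(text):
    """Turn the listing into (pid, user, exe) tuples, skipping the header."""
    rows = []
    for line in text.splitlines()[1:]:
        parts = line.split(None, 2)
        if len(parts) == 3 and parts[0].isdigit():
            rows.append((int(parts[0]), parts[1], parts[2].strip()))
    return rows

def audit(text, core=CORE_PROCESSES, baseline=OS_BASELINE):
    """Return alerts for non-core processes running and Core Processes absent."""
    rows = parse_snapshot(text)
    running = {exe for _, _, exe in rows}
    allowed = set(core) | set(baseline)
    # Anything outside the allowlist is an "alien" process to be reviewed.
    alerts = [
        f"UNEXPECTED pid={pid} user={user} exe={exe}"
        for pid, user, exe in rows if exe not in allowed
    ]
    # A Core Process that is not running is also outside intended operation.
    alerts += [
        f"MISSING {role} process {exe}"
        for exe, role in sorted(core.items()) if exe not in running
    ]
    return alerts

if __name__ == "__main__":
    for alert in audit(SAMPLE_SNAPSHOT):
        print(alert)
```

Matching on the executable path rather than the process name means a process that merely borrows a familiar name, as in the last sample row, is still flagged.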

If you have critical systems in your business, you should consider using a segregation method to monitor these systems.

