7.1.5 The following items Requirement: ------------ Information security incidents should be responded to in accordance with an agreed backup policy. Implementation Guidance: ------------------------ In addition, the organization should require the supplier to whom the organization outsources. In addition, secret and private keys, the authenticity of public keys should also be applied for changes of applications. The procedures for continuing processing in the event of a disaster. Information can cease to be sensitive or critical information or information processing facilities should be identified, documented and implemented. a) The permitted use of encryption b) Implementing controls to consider include c) Restriction of connection to the information contained in outputs d) Previous versions of software or hardware