Hi,
Not sure if I should post here in "13485", but I'll start here.
My auditor, for ISO 13485, was concerned that we don't have a plan to test cloud-based applications' backup.
Our cloud-based apps are hosted by AWS.
What is you recommendation to approach towards testing the backup?
It appears that the expectation is to call our contractor (the app owner) and ask for a file recovery from AWS - in a certain frequency.
Does it make sense? is it an overkill? or enough to say that AWS is ISO 27001 certified and this testing activity is "covered by the certification"?
happy to hear advice,
thx
Sue
Not sure if I should post here in "13485", but I'll start here.
My auditor, for ISO 13485, was concerned that we don't have a plan to test cloud-based applications' backup.
Our cloud-based apps are hosted by AWS.
What is you recommendation to approach towards testing the backup?
It appears that the expectation is to call our contractor (the app owner) and ask for a file recovery from AWS - in a certain frequency.
Does it make sense? is it an overkill? or enough to say that AWS is ISO 27001 certified and this testing activity is "covered by the certification"?
happy to hear advice,
thx
Sue