# SaaS Service Continuity and Admin Operations One-sentence definition: Ensure critical SaaS remain secure and available with tenant-level controls and recovery plans. ## Key Facts - Admin roles least privilege; SSO/MFA; break-glass accounts tested. - Export/backup critical data/configs; understand provider RTO/RPO. - Monitor API/tenant logs; alerts for role changes and risky apps. - Document incident runbooks with vendor escalation paths. - **Verify:** check official (ISC)² CBK and current exam outline. ## Exam Relevance - Choose tenant controls + data export to mitigate provider outages. **Mnemonic:** “**Your** tenant, **your** duty.” ## Mini Scenario Q: SaaS outage; users locked out—what helps? A: Break-glass admin, cached creds if safe, alternative workflows. ## Revision Checklist - Two tenant hardening steps. - Vendor metric to know. - Runbook must-have. ## Related [[Third-Party Operational Risk and Managed Services]] · [[Identity Resilience and DR]] · [[IdP Hardening and High Availability]] · [[Secure Administration and Out-of-Band (OOB) Access]] · [[Domain 7 - Index]]