Wiley College Information Technology (IT) Disaster Recovery Plan

Size: px
Start display at page:

Download "Wiley College Information Technology (IT) Disaster Recovery Plan"

Transcription

1 Wiley College Information Technology (IT) Disaster Recovery Plan Dr. Haywood L. Strickland President and CEO Submitted by: Nathaniel E. Hewitt, III Vice President for Information Systems and Technology June 14, 2012

2 DISASTER RECOVERY PLAN TABLE OF CONTENTS 1.0 Purpose College Mission Objectives and Constraints Assumptions Incidents Requiring Action Contingencies Physical Safeguards McLeod Hall Insurance Consideration Recovery Team Disaster Recovery Coordinator Disaster Recovery Team Headquarters Academic Systems Recovery Team Leader Responsibilities Administrative Systems Recovery Team Leader Responsibilities Preparing for a Disaster General Procedures Software Safeguards Recovery Procedures Central Facilities Recovery Plan Systems & Operations

3 11.3 Degraded Operations at Central Communications Site Use of Alternate Sites Networks Personal Computer Recovery Plan Computer Lab Recovery Plan Emergency Procedures Alternate Computing Services Facility Off-Site Storage

4 1.0 Purpose The purpose of the Information Technology (IT) Disaster Recovery Plan is to provide a structured approach for contingency planning that defines procedures for responding to incidents that threaten or disrupt business continuity that is supported by computing systems, telephony services, network infrastructures and other associated technology applications and processes. The Plan is to provide for an orderly recovery and resumption of critical operations of the College including support for academic departments that rely on information technology, within reasonable time and cost constraints. The information technology resources at Wiley College include, but are not limited to, computers, printers, local/wide/wireless area networks (LAN/WAN/WLAN networks), software, electronic mail ( ), web sites, video, telephones, and voice mail. Over the past several years, Wiley College (WC) has set up a highly computerized operational environment. This includes the use of microcomputers in offices and laboratories and servers in the computer center that provide much of the operational support for the administrative and academic units. A campus-wide network ties these various systems together and provides communications to other computer networks, colleges and universities, and the Internet. In recent years, computers and computer-based systems have become more reliable, and failures that occur can often be diagnosed automatically and repaired promptly using both local and remote diagnostic facilities. Many computer systems are designed with various levels of redundancy, which improve their reliability and provide continual operation when certain failures occur. However, some more catastrophic disruptions and disasters may result in extended down time, and require operating critical information systems at another physical location. Almost any disaster will require special funding from the College in order to allow the affected systems to be repaired or replaced. This plan assumes that these funds will be made available as needed. Proper approval will be obtained before any funds are committed for disaster recovery operations. 2.0 College Mission Wiley College, founded in 1873 in Marshall, Texas, is a historically black, primarily liberal arts, residential, co-educational, baccalaureate degree-granting institution affiliated with The United Methodist Church. Committed to the principle of educational access, the College serves traditional and nontraditional students from diverse backgrounds that have expressed a desire and potential for learning in a Christian environment. The College, in fulfilling its basic purpose of providing a liberal arts education with a global focus, endeavors to provide an intellectually stimulating environment, promoting student competencies in communication, as well as, critical and analytical thinking. The College also supports spiritual, ethical, moral, and leadership 3

5 development. To achieve these superordinate goals, the College promotes an atmosphere of academic freedom and employs a faculty committed to excellence and innovation in teaching, advising, and scholarship. The faculty provides a rigorous curriculum for preparing graduates for professional or graduate studies and/or productive careers in traditional and emerging career fields. Wiley College is committed to shared governance and exemplary stewardship of its resources. The College employs innovative techniques and strategic planning in all its administrative processes, using cutting-edge technology in the delivery of services to its clientele. Acknowledging its covenant relationship with The United Methodist Church, the College affirms the ideal of social responsibility and seeks to contribute to the welfare and revitalization of its community. (Approved by the Wiley College Board of Trustees July 15, 2011.) 3.0 Objectives and Constraints The objective of this Plan is limited to the information technology support necessary to maintain the most critical administrative and academic systems that provide business continuity for the College. Units and departments should develop their own plans in conjunction with the College s Information Systems and Technology Department (ISTD) to address manual operations within their offices should computer and/or network services be disrupted. Due to costs, the College developed a business relationship with Pronet Solutions to deploy offsite information systems backup services to meet the College's current requirements for restoration of crucial digital information managed by ISTD. Reciprocal disaster recovery arrangements are also currently being made with other regional institutions (East Texas Baptist University, LeTourneau University, Jarvis Christian College and Texas College in a planned effort to restore disrupted information technology services. 4.0 Assumptions This section contains some general assumptions, but does not include all special situations that may occur. Any special decisions for situations not covered in this plan, and needed at the time of an incident classified under the Disaster Recovery Plan, will be made by senior information technology staff members on site and communicated to President s Cabinet as appropriate. This plan will be invoked upon the occurrence of an incident. The senior staff member on site at the time of the incident or the first one on site following an incident will contact the Vice President for Information Systems and Technology for a determination of the need to declare an incident. The President and the Executive Vice President will also be notified. The senior information technology staff member on site at the time of the incident will assume immediate responsibility. The first responsibility will be to see that people are evacuated as needed. If injuries have occurred as a result of the incident, immediate attention will be given to those persons injured. The Vice President for Business and Finance, Director of Administrative Services, and the Security Department will be notified. If the situation allows, attention 4

6 will be focused on shutting down systems, turning off power, etc.; however, evacuation of personnel is the highest priority. Once an incident, covered by this plan has been declared, the plan, duties, and responsibilities will remain in effect until the incident is resolved and proper College authorities are notified. Invoking this plan implies that a disaster recovery operation has begun and will continue with top priority until business continuity computing systems and necessary telephone support to the College has been re-established. 5.0 Incidents Requiring Action This Disaster Recovery Plan for Wiley College will be invoked under one of the following circumstances: An incident which has disabled or will disable, partially or completely, the central computing facilities, telephony and other communications network resources for a period of 24 hours or more. An incident that has significantly impaired the use of computers and networks due to circumstances that fall beyond the normal processing of day-to-day operations. An incident that is considered to be malicious in intent that can or will disable, partially or completely, the computing facilities or resources, telephony and other communications network resources for a period of 24 hours (major security breaches (hacking) or viral attacks) or more. An incident that was caused by problems with computers and/or networks that has resulted in the injury of one or more persons at Wiley College. 6.0 Contingencies General situations that can destroy or interrupt computer and telephony services usually occur under the following major categories: Power/Air Conditioning Interruption Fire Water Weather and Natural Phenomenon Sabotage and Interdiction There are different levels of severity of these contingencies necessitating different strategies and different types and levels of recovery. This plan covers strategies for: 5

7 Partial recovery - operating at an alternate site on or off campus. Full recovery - operating at the current central site and client areas, possibly with a degraded level of service for a period of time. 7.0 Physical Safeguards 7.1 McLeod Hall Manual door locks on the exterior entrances protect McLeod Hall. Internal offices and computer room contain dead bolt locks. Employees and students have access to the building through the exterior doors after Safety and Security personnel have opened them. Keys to exterior doors are restricted to selected personnel. 8.0 Insurance Considerations All major information technology hardware is covered under standard property and casualty insurance for the College. All computers that are covered under a maintenance contract are also covered by an insurance policy. 9.0 Recovery Team In case of a disaster, the team will use the emergency call list. General duties of the disaster recovery coordinator are overviewed in Section 9.1. Recovery team leaders have been assigned in each major area and provided with a list of responsibilities as designated in Sections 9.3 and 9.4. The team leader in each designated area will make specific task assignments during the recovery stage. 9.1 Disaster Recovery Coordinator The Vice President for Information Systems and Technology or his designated alternate will serve as Disaster Recovery Coordinator. The major responsibilities include: Establishing the Recovery Team and providing the appropriate training. Determining the extent and seriousness of the disaster, notifying the President and Executive Vice President immediately and keeping them informed about the activities and recovery progress. Invoking the Disaster Recovery Plan after approval of the President or Executive Vice President. If neither of them is available, an appropriate member of the President s Cabinet will contacted. Coordinating the re-routing of all critical data and network services with alternate recovery locations/institutions (if warranted). 6

8 Coordinating the appropriate personnel to assist with all hardware and data recovery efforts (if deemed appropriate). Supervising the recovery activities. Coordinating with the President and Cabinet about priorities for clients while going from partial to full recovery. Naming replacements, when needed, to fill in for any disabled or absent Disaster Recovery Team members. Any members who are out of town and are needed will be notified to return. The Vice President for Information Systems and Technology will keep clients apprised of the recovery activities. 9.2 Disaster Recovery Team Headquarters If McLeod Hall is accessible, the recovery team will meet in McLeod 108 (Vice President for Information Systems and Technology) and McLeod 115 (Training Room) will be set up as the operational control center. If McLeod Hall is inaccessible due to hazardous conditions (physical, chemical or structural), the team will meet in the President's Conference Room located in the Willis J. King Administration Building. If the Administration Building is inaccessible due to hazardous conditions (physical, chemical or structural), the Disaster Recovery Coordinator will be responsible for locating another meeting place on campus. If all campus facilities are inaccessible due to hazardous conditions (physical, chemical or structural), it is presumed that the disaster is of such proportions that recovery of computer support will take a lesser priority. The Disaster Recovery Coordinator will make appropriate arrangements. 9.3 Academic Systems Recovery Team Leader Responsibilities The Director of Academic Information Technology will serve as Academic Systems Recovery Team Leader. The responsibilities in this area include recovery in case of complete or partial disruption of services from the central academic systems. Further, with the many academic labs, this group will be responsible for providing services for any disabled academic lab using information technology and educational technology resources. Responsibilities include: Coordinating hardware and software replacement with the academic hardware and software vendors. 7

9 Coordinating the activities of moving backup media and materials from the offsite security files and using these for recovery when needed. Keeping the Academic Affairs office informed of the extent of damage and recovery procedures being implemented. Coordinating recovery with client departments, those using the academic computers and those using labs. Keeping the Disaster Recovery Coordinator informed of the extent of damage and recovery procedures being implemented. 9.4 Administrative Systems Recovery Team Leader Responsibilities The Director of Administrative Information Technology will serve as Administrative Systems Recovery Team Leader. Responsibilities include: Coordinating hardware and software replacement with the administrative hardware and software vendors. Supervising retrieval of backup media and materials from the off-site storage location and using these for recovery when needed. Coordinating recovery with client departments. Coordinating recovery of administrative software with all administrative units. Providing support for the re-routing of all critical data and network services with alternate recovery locations/institutions (if deemed appropriate). Coordinating schedules for administrative programming, production services, and computer job processing. Keeping the Disaster Recovery Coordinator informed about the extent of damage and recovery procedures being implemented Preparing for a Disaster This section contains the minimum steps necessary to prepare for a possible disaster and as preparation for implementing the recovery procedures. An important part of these procedures is ensuring that the off-site storage facility contains adequate and timely computer backup tapes and documentation for applications systems, operating systems, support packages, and operating procedures General Procedures Responsibilities have been given for ensuring that each of following actions have been taken and that any updating needed is continued: 8

10 Maintaining and updating the disaster recovery plan. Ensuring that all information technology personnel are aware of their responsibilities in case of a disaster. Ensuring that periodic scheduled rotation of backup media is being followed for the off-site storage facilities. Maintaining and periodically updating documentation and systems information stored in the off-site areas. Maintaining a current status of equipment in the main equipment rooms in McLeod Hall. Informing all technology personnel of the appropriate emergency and evacuation procedures from McLeod Hall. Ensuring that all security warning systems and emergency lighting systems are functioning properly and are periodically checked by operations personnel. Ensuring that fire protection systems are functioning properly and that they are checked periodically. Ensuring that Uninterruptible Power Systems (UPS) are functioning properly and that they are being checked periodically. Ensuring that the client community is aware of appropriate disaster recovery procedures and any potential problems and consequences that could affect their operations. Ensuring that the operations procedure manual is kept current. Ensuring that proper temperatures are maintained in equipment areas Software Safeguards Network Backups In accordance with ISTD standard operating procedures, daily backups are conducted at the close of business Monday through Thursday at 5:00 pm and weekly backups are scheduled every Friday afternoon. The daily and weekly backups are stored directly on the Storage Area Network System (SANS). The full monthly backup is conducted on the last working day of the month and stored on a magnetic tape, which is transported at the close of that business day to the safety deposit box at Bank One, Marshall, Texas. The first backup of each month is retained for one year. Daily and weekly backups are retained in ISTD until the next full backup. 9

11 Database Backups (Jenzabar) The Jenzabar EX software uses transaction capturing during the daily online processing. Thus, recovery is possible by using the last night's differential backup and the transaction audit to any particular time during the day. Telecommunications Backups Full backups that run at 3:00 AM Tuesday through Saturday secure long distance software and data. The Saturday full backups are transported each Monday morning to ISTD. The first full backup of each month is retained for one year. Backups are stored on 4mm DAT tapes and other compact media. A special backup is done immediately before each monthly billing cycle. These backups are overwritten before the next monthly billing cycle. Call records from six months previous are archived to a 4mm DAT tapes at the end of every billing cycle. Disposal dates for the saved sets are not currently implemented. Call records are routed through a solidstate recorder. This captures call records while the long distance computer is unavailable. A full backup secures telephone switch software and data each night to a diskette. The diskette left in the telephone switch is overwritten each night. Each Monday morning, the diskette is removed and transported to the ISTD. A copy of the full backup is also stored in a safety deposit box at Bank One, Marshall, Texas. There are three diskettes in rotation for the full backups. A full backup to diskette secures Voic software and data. Each Monday morning, this diskette is transported to the ISTD. A copy of the full backups is also stored in a safety deposit box at Bank One, Marshall, Texas Recovery Procedures 11.1 Central Facilities Recovery Plan An incident classified under the Disaster Recovery Plan affecting standard ISTD managed business continuity systems centralized in McLeod Hall and/or the Thomas Winston Cole Library may serve as the impetus to place this plan into action. An incident may be of the magnitude that the facilities are not usable and alternate site plans are required. In this case, the alternate site portions of this plan must be implemented. It is obvious that all major support sections in information technology areas will need to function together in a disaster, although a specific plan of action is written for each section Systems & Operations This portion of the disaster recovery plan will be set into motion for computing services when an incident has occurred that requires use of the alternate site, or the damage is such 10

12 that operations can be restored, but only in a degraded mode at the central site in a reasonable time. The President s decision to activate the Disaster Recovery Plan will be made based upon evidence and advice from the Vice President for Information Systems and Technology. In case of a move to an alternate site, or the implementation of a plan to continue operations at the main site, the following general steps must be taken: Determine the extent of the damage and whether additional equipment and supplies are needed. Obtain approval for expenditure of funds to bring in any needed equipment and supplies. Notify local vendor marketing and/or service representatives if there is a need for immediate delivery of components to bring the computer systems to an operational level even in a degraded mode. If it is judged advisable, check with third-party vendors to determine whether a faster delivery schedule can be obtained. Notify vendor hardware support personnel that a priority should be placed on assistance to add and/or replace any additional components. Notify vendor systems support personnel that help is needed immediately to begin procedures to restore systems software. Order any additional electrical cables needed from suppliers. Rush order any supplies, forms, or media that may be needed. Once the alternative site has been identified, the following actions should occur: Notify officials where the alternate site is located. Coordinate moving of equipment and support personnel into the alternate site with appropriate personnel. Bring the recovery materials from the off-site storage to the alternate site. As soon as the hardware is up to specifications to run the operating system, load software and run necessary tests. Determine the priorities of the client software that need to be available and load these packages in order. Factors that generally determine these priorities are the time of the month and semester in which the disaster occurs. 11

13 Prepare backup materials and return these to the off-site storage area. Set up operations in the alternate site. Coordinate client activities to ensure that the most critical jobs are being supported as needed. As production begins, ensure that periodic backup procedures are being followed and materials are being placed in off-site storage periodically. Work out plans to ensure all critical support will be phased in. Keep administration and clients informed about the status, progress, and any problems. Coordinate plans with Wiley College administration, alternate site officials, and staff to outline measures to restore all data and network operations Degraded Operations at Central Communications Site In the event of degraded operations at the central communications site, it is assumed that an incident has occurred, but that degraded operations can be set up at McLeod Hall. In addition to the general steps that are followed in either case, special steps need to be taken. Evaluate the extent of the damage, and if only degraded service can be obtained, determine how long it will be before full service can be restored. Replace hardware as needed to restore service to at least a degraded service. Perform system installation as needed to restore service. If backup files are needed and are not available from the on-site backup files, they will be transferred from the off-site storage. Work with the various vendors, as needed, to ensure support in restoring full service. Keep the administration and clients informed of the status, progress and problems Use of Alternate Sites If the central site is destroyed, support of critical academic computing activities will be given from the alternate sites. Additional computer systems will be brought in as needed. Some steps necessary in this process are listed below: 12

14 Determine the priorities of client needs and upgrade computers at the academic labs. Set up for operations support. Coordinate the installation of additional equipment and moving support personnel. Coordinate restoration of any network communications with Computer & Network Services. Coordinate client-computing support with clients. As production begins, ensure that backup procedures are followed and periodic backups are stored off site. Work with the Vice President of Academic Affairs, the President, and clients in coordinating long-range plans for restoring full support by the academic computing resources Networks Redundancy continues to be built into the computer and telecommunications systems. Currently, the College does not have complete redundancy, but critical systems are equipped with backup policies and associated equipment. Since most of the telephone and computer communications lines are buried and in conduits across campus, connecting lines to alternate sites and to critical areas cannot be done rapidly. For example, it is estimated that if ISTD had to move, it would take 72 hours to restore critical data and voice communications lines. Some general steps that must be taken in case of a network communications disaster at the central site and/or other parts of the communications network are given: Assessment of the damage and an evaluation of steps needed to restore services. Assignment of personnel to disaster crews and assignment of tasks. If present supplies and equipment on hand are not adequate to restore service as needed, obtain approval for funds needed and contact vendors for priority shipment. Coordinate repairs of data communications disaster affecting specific areas of technology support with the recovery team leader of that area. 13

15 Keep the Disaster Recovery Coordinator and team leaders of support areas informed about the extent of the communications damage and recovery procedures being implemented. A diagram of all communications networks is located in the off-site storage area and periodically updated Personal Computer Recovery Plan Faculty and staff members are encouraged to periodically backup all files to diskette, CD or an assigned network drive. The backup procedure is the responsibility of the user and guidance will be provided by the Help Desk. Backed up media should be stored in a secure location. For network storage, users should arrange for training, access, storage space, and procedures with the Help Desk Computer Lab Recovery Plan In case of an event affecting only a lab, this section of the disaster plan will be executed. For recovery purposes, labs, by definition, will mean a computer area supporting a number of clients as contrasted to an area containing only a few personal computers. An event can occur in an area not defined as a lab; however, it is assumed recovery of services in this situation can be carried out in a routine manner. An area may be considered a lab even if it is in an administrative service area and there are a large number of personal computers involved. A disaster will be declared in a lab when a large portion of the units in the lab is affected to the extent that recovery in that area in a reasonable time with normal procedures is not possible. General steps that will be followed in recovery of a lab are listed. The team leader of the computer area with support duties over the lab affected will assume prime responsibility in the recovery process. Determine the extent of the damage in the lab and whether alternate lab services will be needed while recovery is taking place. Obtain College approval for any funds needed to replace equipment and supplies. Determine whether adequate equipment is available on campus, either from the Campus Store or other areas, to restore even partial services in the lab affected. Coordinate recovery of the center with Computer & Network Services if communications lines are involved in the lab. 14

16 If alternate services are to be provided for clients of the lab, coordinate activities between groups affected. Keep the Disaster Recovery Coordinator informed of the status of the lab and the recovery process Emergency Procedures In case an incident has happened or is imminent that will drastically disrupt operations, the following steps should be taken to reduce the probability of personal injuries and/or limit the extent of the damage, if there is not a risk to employees. Similar steps should be followed, where appropriate, in incidents occurring in a satellite center. An announcement should be made to evacuate the building, if appropriate, or move to a safe location in the building. As a preparation for a potential disaster, all technology area personnel should be aware of the exits available. If there are injured personnel, ensure their evacuation and call emergency assistance as needed. If the computers and air conditioning have not automatically powered down, initiate procedures to shut down systems orderly when possible. When possible and if time is available, set up damage-limiting measures. Designate available personnel to initiate normal lockup procedures Alternate Computing Services Facility In the event of a catastrophe that would require the development of an alternative computing facility, the ISTD will attempt to provide equipment that will meet the needs of the impacted area. ISTD will work to ensure that the type of equipment needed can be relocated and configured to meet the critical needs of the area impacted. The intent would be to survey the needs at the time of disaster, and place critical equipment where staff would have the best access to network services. This may include the use of telephone lines to establish dial-up access. Access would be limited to the applications and processes most critical to the mission of the institution Off-Site Storage All central file backups are made on magnetic tapes or other compact media using an appropriate backup strategy and stored in the server room in McLeod Hall on campus at WC. ISTD employees have access to keys both to the exterior doors and to the server room where tapes are stored. A copy of the full backups is also stored in a safety deposit box at Bank One, Marshall, Texas. 15

APPENDIX 7. ICT Disaster Recovery Plan

APPENDIX 7. ICT Disaster Recovery Plan APPENDIX 7 ICT Disaster Recovery Plan This policy was approved and ratified by the Governing Body of Cox Green School on 15 th October 2013 Signed: Chair of Governors Date: Ratified: Oct 2013 Review: Sep

More information

Jacksonville University Information Technology Department Disaster Recovery Plan. (Rev: July 2013)

Jacksonville University Information Technology Department Disaster Recovery Plan. (Rev: July 2013) Jacksonville University Information Technology Department Disaster Recovery Plan (Rev: July 2013) Table of Contents Introduction 3 Objectives/Constraints 4 Assumptions 4 Critical Systems 5 Incidents Requiring

More information

Birkenhead Sixth Form College IT Disaster Recovery Plan

Birkenhead Sixth Form College IT Disaster Recovery Plan Author: Role: Mal Blackburne College Learning Manager Page 1 of 14 Introduction...3 Objectives/Constraints...3 Assumptions...4 Incidents Requiring Action...4 Physical Safeguards...5 Types of Computer Service

More information

APPENDIX 7. ICT Disaster Recovery Plan

APPENDIX 7. ICT Disaster Recovery Plan APPENDIX 7 ICT Disaster Recovery Plan This policy was approved and ratified by the Governing Body of Cox Green School on 20 th October 2015 Signed: Chair of Governors Date: Version Authorisation Approval

More information

BUSINESS CONTINUITY PLAN

BUSINESS CONTINUITY PLAN BUSINESS CONTINUITY PLAN Signed Governor Print Name Date: Review: 1 To provide guidance to school staff, governors and external parties on how to react to disruption major or minor. 1. Rationale 1.1 To

More information

15 Organisation/ICT/02/01/15 Back- up

15 Organisation/ICT/02/01/15 Back- up 15 Organisation/ICT/02/01/15 Back- up 15.1 Description Backup is a copy of a program or file that is stored separately from the original. These duplicated copies of data on different storage media or additional

More information

DISASTER RECOVERY PLAN

DISASTER RECOVERY PLAN DISASTER RECOVERY PLAN Section 1. Goals of a Disaster Recovery Plan The major goals of a disaster recovery plan are: To minimize interruptions to normal operations. To limit the extent of disruption and

More information

PPSADOPTED: OCT. 2012 BACKGROUND POLICY STATEMENT PHYSICAL FACILITIES. PROFESSIONAL PRACTICE STATEMENT Developing a Business Continuity Plan

PPSADOPTED: OCT. 2012 BACKGROUND POLICY STATEMENT PHYSICAL FACILITIES. PROFESSIONAL PRACTICE STATEMENT Developing a Business Continuity Plan PROFESSIONAL PRACTICE STATEMENT Developing a Business Continuity Plan OCT. 2012 PPSADOPTED: What is a professional practice statement? Professional Practice developed by the Association Forum of Chicagoland

More information

Mt. San Antonio College Campus Emergency Response and Evacuation Plan

Mt. San Antonio College Campus Emergency Response and Evacuation Plan Mt. San Antonio College Campus Emergency Response and Evacuation Plan The Mt. SAC Board of Trustees is committed to providing a safe and secure campus work and learning environment for students, employees,

More information

DISASTER RECOVERY. Omniture Disaster Plan. June 2, 2008 Version 2.0

DISASTER RECOVERY. Omniture Disaster Plan. June 2, 2008 Version 2.0 DISASTER RECOVERY Omniture Disaster Plan June 2, 2008 Version 2.0 CHAPTER 1 1 Disaster Recovery Plan Overview In the event that one of our data collection environments are unavailable due to an event,

More information

Processing Sites for Commonwealth Agencies

Processing Sites for Commonwealth Agencies Information Technology Supporting Documentation Commonwealth of Pennsylvania Governor's Office of Administration/Office for Information Technology Document Number: OPD-SYM004A Document Title: Guidelines

More information

Success or Failure? Your Keys to Business Continuity Planning. An Ingenuity Whitepaper

Success or Failure? Your Keys to Business Continuity Planning. An Ingenuity Whitepaper Success or Failure? Your Keys to Business Continuity Planning An Ingenuity Whitepaper May 2006 Overview With the level of uncertainty in our world regarding events that can disrupt the operation of an

More information

Emergency Operations California State University Los Angeles

Emergency Operations California State University Los Angeles Business Continuity Plan Emergency Operations California State University Los Angeles 1. Objective & Scope 2. Definition of Disaster 3. Risk and Business Impact Analysis Summary 4. Business Continuity

More information

IT Services. incident criteria

IT Services. incident criteria IT Services IT Services incident criteria Guidance for IT Services staff on priorities to be used when logging incidents. Introduction... 2 Definitions... 2 Response time... 2 Resolution times... 2 Minimum

More information

Massachusetts Institute of Technology. Functional Area Recovery Management Team Plan Development Template

Massachusetts Institute of Technology. Functional Area Recovery Management Team Plan Development Template Massachusetts Institute of Technology Functional Area Recovery Management Team Plan Development Template Public Distribution Version For further information, contact: Jerry Isaacson MIT Information Security

More information

Information Resources Security Guidelines

Information Resources Security Guidelines Information Resources Security Guidelines 1. General These guidelines, under the authority of South Texas College Policy #4712- Information Resources Security, set forth the framework for a comprehensive

More information

NETWORK SERVICES WITH SOME CREDIT UNIONS PROCESSING 800,000 TRANSACTIONS ANNUALLY AND MOVING OVER 500 MILLION, SYSTEM UPTIME IS CRITICAL.

NETWORK SERVICES WITH SOME CREDIT UNIONS PROCESSING 800,000 TRANSACTIONS ANNUALLY AND MOVING OVER 500 MILLION, SYSTEM UPTIME IS CRITICAL. NETWORK SERVICES WITH SOME CREDIT UNIONS PROCESSING 800,000 TRANSACTIONS ANNUALLY AND MOVING OVER 500 MILLION, SYSTEM UPTIME IS CRITICAL. Your Credit Union information is irreplaceable. Data loss can result

More information

ICT Disaster Recovery Plan

ICT Disaster Recovery Plan 7 Appendix A ICT Disaster Recovery Plan Definition of a Disaster A computer disaster is the occurrence of any computer system or associated event which causes the interruption of business, leading in the

More information

BNA FEDERAL CREDIT UNION DISASTER RECOVERY PLAN

BNA FEDERAL CREDIT UNION DISASTER RECOVERY PLAN BNA FEDERAL CREDIT UNION DISASTER RECOVERY PLAN INTRODUCTION The need for a contingency plan for business interruptions is vital to the operations of the BNA Federal Credit Union. Without such a plan,

More information

IT Disaster Recovery Plan Template

IT Disaster Recovery Plan Template HOPONE INTERNET CORP IT Disaster Recovery Plan Template Compliments of: Tim Sexton 1/1/2015 An information technology (IT) disaster recovery (DR) plan provides a structured approach for responding to unplanned

More information

The University of Iowa. Enterprise Information Technology Disaster Plan. Version 3.1

The University of Iowa. Enterprise Information Technology Disaster Plan. Version 3.1 Version 3.1 November 22, 2004 TABLE OF CONTENTS PART 1: DISASTER RECOVERY EXPECTATIONS... 3 OVERVIEW...3 EXPECTATIONS PRIOR TO AN INCIDENT OCCURRENCE...3 EXPECTATIONS PRIOR TO A DISASTER OCCURRENCE...4

More information

Data Center Assistance Group, Inc. DCAG Contact: Tom Bronack Phone: (718) 591-5553 Email: bronackt@dcag.com Fax: (718) 380-7322

Data Center Assistance Group, Inc. DCAG Contact: Tom Bronack Phone: (718) 591-5553 Email: bronackt@dcag.com Fax: (718) 380-7322 Business Continuity and Disaster Recovery Job Descriptions Table of Contents Business Continuity Services Organization Chart... 2 Director Business Continuity Services Group... 3 Manager of Business Recovery

More information

INFORMATION TECHNOLOGY SERVICES TECHNICAL SERVICES June 2012

INFORMATION TECHNOLOGY SERVICES TECHNICAL SERVICES June 2012 INFORMATION TECHNOLOGY SERVICES TECHNICAL SERVICES June 2012 Program Description Network Services is a service unit in Information Technology Services responsible for designing, acquiring, deploying, operating,

More information

Offsite Disaster Recovery Plan

Offsite Disaster Recovery Plan 1 Offsite Disaster Recovery Plan Offsite Disaster Recovery Plan Presented By: Natan Verkhovsky President Disty Portal Inc. 2 Offsite Disaster Recovery Plan Introduction This document is a comprehensive

More information

BUSINESS CONTINUITY PLAN

BUSINESS CONTINUITY PLAN Business Logo Here BUSINESS CONTINUITY PLAN FOR SMALL TO MEDIUM SIZED BUSINESSES DATE :??? VERSION:?? PRODUCED BY DURHAM CIVIL CONTINGENCIES UNIT BUSINESS CONTINUITY PLAN LIST OF CONTENTS 1. DISCLAIMER...4

More information

POINT UNIVERSITY CAMPUS SECURITY Emergency Response Plan

POINT UNIVERSITY CAMPUS SECURITY Emergency Response Plan POINT UNIVERSITY CAMPUS SECURITY Emergency Response Plan Introduction The Point University Emergency Response Plan establishes guidelines for campus-wide communication, service coordination and safety

More information

IT Disaster Recovery Plan Template. By Paul Kirvan, CISA, CISSP, FBCI, CBCP

<Client Name> IT Disaster Recovery Plan Template. By Paul Kirvan, CISA, CISSP, FBCI, CBCP IT Disaster Recovery Plan Template By Paul Kirvan, CISA, CISSP, FBCI, CBCP Revision History REVISION DATE NAME DESCRIPTION Original 1.0 2 Table of Contents Information Technology Statement

More information

Ohio University Office of Information Technology

Ohio University Office of Information Technology Standard Desktop Support General Overview Standard Desktop Support service level of the Office of Information Technology (OIT) is comprised of: The Standard Desktop Support (SDS) Service The general levels

More information

University of Prince Edward Island. Emergency Management Plan

University of Prince Edward Island. Emergency Management Plan Emergency Management Plan March 2012 ON CAMPUS Emergency Dial Security Assistance Dial 566-0384 OFF CAMPUS SUPPORT AGENCIES Fire & Ambulance... 9-1-1 Charlottetown Fire Department... 566-5548 Fire Marshal...

More information

Contract # 04-06. Accepted on: March 29, 2005. Starling Systems. 711 S. Capitol Way, Suite 301 Olympia, WA 98501

Contract # 04-06. Accepted on: March 29, 2005. Starling Systems. 711 S. Capitol Way, Suite 301 Olympia, WA 98501 Disaster Recovery Plan Starling Systems Deliverable #15 - Draft I Contract # 04-06 Accepted on: March 29, 2005 Starling Systems 711 S. Capitol Way, Suite 301 Olympia, WA 98501 DISASTER RECOVERY PLAN TABLE

More information

BACKUP SECURITY GUIDELINE

BACKUP SECURITY GUIDELINE Section: Information Security Revised: December 2004 Guideline: Description: Backup Security Guidelines: are recommended processes, models, or actions to assist with implementing procedures with respect

More information

Vermont College of Fine Arts Information Technology Disaster Recovery Plan for Fiscal Year 2012

Vermont College of Fine Arts Information Technology Disaster Recovery Plan for Fiscal Year 2012 Vermont College of Fine Arts Information Technology Disaster Recovery Plan for Fiscal Year 2012 Introduction: Vermont College of Fine Arts (VCFA) is a national center for education in the arts, fostering

More information

REPORT TO MANAGEMENT ON REVIEW OF DISASTER RECOVERY PLAN LAMAR INSTITUTE OF TECHNOLOGY

REPORT TO MANAGEMENT ON REVIEW OF DISASTER RECOVERY PLAN LAMAR INSTITUTE OF TECHNOLOGY REPORT TO MANAGEMENT ON REVIEW OF DISASTER REOVERY PLAN LAMAR INSTITUTE OF TEHNOLOGY DEEMBER 2002 LAMAR INSTITUTE OF TEHNOLOGY TABLE OF ONTENTS Fiscal Year TABLE OF ONTENTS TRANSMITTAL LETTER...3 EXEUTIVE

More information

Boston Financial Data Services Business Continuity Executive Summary. November 2009

Boston Financial Data Services Business Continuity Executive Summary. November 2009 Boston Financial Data Services Business Continuity Executive Summary Boston Financial continues to maintain an active business continuity program that effectively supports the ability to survive a disruption

More information

SAMPLE IT CONTINGENCY PLAN FORMAT

SAMPLE IT CONTINGENCY PLAN FORMAT SAMPLE IT CONTINGENCY PLAN FORMAT This sample format provides a template for preparing an information technology (IT) contingency plan. The template is intended to be used as a guide, and the Contingency

More information

Exhibit to Data Center Services Service Component Provider Master Services Agreement

Exhibit to Data Center Services Service Component Provider Master Services Agreement Exhibit to Data Center Services Service Component Provider Master Services Agreement DIR Contract No. DIR-DCS-SCP-MSA-002 Between The State of Texas, acting by and through the Texas Department of Information

More information

LAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL. for INFORMATION RESOURCES

LAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL. for INFORMATION RESOURCES LAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL for INFORMATION RESOURCES Updated: June 2007 Information Resources Security Manual 1. Purpose of Security Manual 2. Audience 3. Acceptable

More information

THORNBURG INVESTMENT MANAGEMENT THORNBURG INVESTMENT TRUST. Business Continuity Plan

THORNBURG INVESTMENT MANAGEMENT THORNBURG INVESTMENT TRUST. Business Continuity Plan THORNBURG INVESTMENT MANAGEMENT THORNBURG INVESTMENT TRUST Business Continuity Plan June 2012 Purpose The purpose of this Business Continuity Plan ( BCP ) is to define the strategies and the plans which

More information

IT Help Desk Call Priorities

IT Help Desk Call Priorities Author Zachary Nashed Document Name Call Priorities Version Control IT Help Desk Priorities_1.01 03/07/08 -Updated IT Help Desk Priorities_1.02 05/08/09-Updated IT Help Desk Priorities_1.03 24//08/09-Updated

More information

1. Backup and Recovery Policy

1. Backup and Recovery Policy POLICY TITLE: POLICY #: IT - 2 DATE DRAFTED: 09/23/05 APPROVED DATE: 09/23/05 REVISION DATE: BRIEF DESCRIPTION: Backup and Recovery Policy Minimum requirements for the creation and retention of computer

More information

Program: Management Information Systems. David Pfafman 01/11/2006

Program: Management Information Systems. David Pfafman 01/11/2006 Effective 04/20/2005 Page - 1 - POLICY: PURPOSE: It is the policy of to provide a plan to insure the accessibility of protected health information (PHI) in the event of data loss due to an emergency or

More information

Connors State College

Connors State College Connors State College Page 1 Connors State College IT Systems Disaster Recovery Plan Connors State College - 1 - Information Technology Systems Connors State College Page 2 Disclaimer: The techniques for

More information

Disaster Preparedness & Response

Disaster Preparedness & Response 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 A B C E INTRODUCTION AND PURPOSE REVIEW ELEMENTS ABBREVIATIONS NCUA REFERENCES EXTERNAL REFERENCES Planning - Ensuring

More information

Identify and Protect Your Vital Records

Identify and Protect Your Vital Records Identify and Protect Your Vital Records INTRODUCTION The Federal Emergency Management Agency s Federal Preparedness Circular 65 states The protection and ready availability of electronic and hardcopy documents,

More information

University of Nottingham Emergency Procedures and Recovery Policy

University of Nottingham Emergency Procedures and Recovery Policy University of Nottingham Emergency Procedures and Recovery Policy Guidelines for High Hazard Schools and Departments 1. Introduction The University of Nottingham is committed to the identification and

More information

OIG. Improvements Are Needed for Information Technology Controls at the Las Vegas Finance Center. Audit Report OFFICE OF INSPECTOR GENERAL

OIG. Improvements Are Needed for Information Technology Controls at the Las Vegas Finance Center. Audit Report OFFICE OF INSPECTOR GENERAL OIG OFFICE OF INSPECTOR GENERAL Catalyst for Improving the Environment Audit Report Improvements Are Needed for Information Technology Controls at the Las Vegas Finance Center Report No. 2003-P-00011 May

More information

Administrative Services Operational Guidelines

Administrative Services Operational Guidelines Administrative Services Operational Guidelines Information Technology Introduction Mission Statement: To research, apply, and manager information technology to foster productive working and learning environments.

More information

OREGON STATE UNIVERSITY MASTER EMERGENCY MANAGEMENT PLAN

OREGON STATE UNIVERSITY MASTER EMERGENCY MANAGEMENT PLAN OREGON STATE UNIVERSITY MASTER EMERGENCY MANAGEMENT PLAN Last Edit 2/8/2011 OVERVIEW This document provides a management framework for responding to incidents that may threaten the health and safety of

More information

ISO IEC 27002 2005 (17799 2005) INFORMATION SECURITY AUDIT TOOL

ISO IEC 27002 2005 (17799 2005) INFORMATION SECURITY AUDIT TOOL 9.1 USE SECURITY AREAS TO PROTECT FACILITIES 1 GOAL Do you use physical methods to prevent unauthorized access to your organization s information and premises? 2 GOAL Do you use physical methods to prevent

More information

STUDENT RECORD POLICY, PROCEDURES AND DEFINITIONS

STUDENT RECORD POLICY, PROCEDURES AND DEFINITIONS STUDENT RECORD POLICY, PROCEDURES AND DEFINITIONS PURPOSE The purpose of establishing this policy is to ensure Virginia Union University s compliance with the Family Educational Rights and Privacy Act

More information

NAIT Guidelines. Implementation Date: February 15, 2011 Replaces: July 1, 2008. Table of Contents. Section Description Page

NAIT Guidelines. Implementation Date: February 15, 2011 Replaces: July 1, 2008. Table of Contents. Section Description Page Recommended by Emergency Preparedness Committee: January 26, 2011 Recommended by President s Council: February 11, 2011 Approved by Executive Committee: February 14, 2011 NAIT Guidelines CS1.1 Emergency

More information

Implementation Date: May 5, 2009. Table of Contents. Section Description Page. 1.0 Description 1. 2.0 Initial Response 2

Implementation Date: May 5, 2009. Table of Contents. Section Description Page. 1.0 Description 1. 2.0 Initial Response 2 Recommended by Emergency Preparedness Committee: April 21, 2009 Recommended by President s Council: May 1, 2009 Approved by Executive Committee: May 5, 2009 NAIT Procedures CS1.2.6 Flood Implementation

More information

July 30, 2009. Internal Audit Report 2009-08 Information Technology Business Continuity Plan Information Technology Department

July 30, 2009. Internal Audit Report 2009-08 Information Technology Business Continuity Plan Information Technology Department Internal Audit Report 2009-08 Introduction. The Municipality depends heavily on technology and automated information systems, and their disruption for even a few days could have a severe impact on critical

More information

FINAL May 2005. Guideline on Security Systems for Safeguarding Customer Information

FINAL May 2005. Guideline on Security Systems for Safeguarding Customer Information FINAL May 2005 Guideline on Security Systems for Safeguarding Customer Information Table of Contents 1 Introduction 1 1.1 Purpose of Guideline 1 2 Definitions 2 3 Internal Controls and Procedures 2 3.1

More information

RPI Employee s Federal Credit Union Business Continuity/Disaster Recovery Plan. January 23, 2012

RPI Employee s Federal Credit Union Business Continuity/Disaster Recovery Plan. January 23, 2012 RPI Employee s Federal Credit Union Business Continuity/Disaster Recovery Plan January 23, 2012 Purpose and Objectives 2 Disaster Recovery Organizational Structure 3 Appendices: Disaster Recovery Emergency

More information

Workforce Solutions Business Continuity Plan May 2014

Workforce Solutions Business Continuity Plan May 2014 Workforce Solutions Business Continuity Plan May 2014 Contents 1. Purpose... 3 2. Declaration of Emergency... 4 3. Critical Operations... 4 3.1 Communication... 4 3.1.1 Internal Communication During Emergencies...

More information

Appendix 6c. Final Internal Audit Report Disaster Recovery Planning. June 2007. Report 6c Page 1 of 15

Appendix 6c. Final Internal Audit Report Disaster Recovery Planning. June 2007. Report 6c Page 1 of 15 Appendix 6c Final Internal Audit Report Disaster Recovery Planning June 2007 Report 6c Page 1 of 15 Contents Page Executive Summary 3 Observations and Recommendations 8 Appendix 1 - Audit Framework 13

More information

Continuity Planning and Disaster Recovery

Continuity Planning and Disaster Recovery Responsible Officer: AVP - Information Technology Services & UC Chief Information Officer Responsible Office: IT - Information Technology Services Issuance Date: 7/27/2007 Effective Date: 7/27/2007 Scope:

More information

Disaster Recovery Planning The Process

Disaster Recovery Planning The Process Disaster Recovery Planning The Process Introduction We began our planning processes after experiencing several disasters, including a building fire, an environmental contamination, faulty discharge of

More information

Information Security Handbook

Information Security Handbook Information Security Handbook Adopted 6/4/14 Page 0 Page 1 1. Introduction... 5 1.1. Executive Summary... 5 1.2. Governance... 5 1.3. Scope and Application... 5 1.4. Biennial Review... 5 2. Definitions...

More information

Network & Information Security Policy

Network & Information Security Policy Policy Version: 2.1 Approved: 02/20/2015 Effective: 03/02/2015 Table of Contents I. Purpose................... 1 II. Scope.................... 1 III. Roles and Responsibilities............. 1 IV. Risk

More information

Business Continuity. Disaster Recovery Plan

Business Continuity. Disaster Recovery Plan Business Continuity Disaster Recovery Plan Emergency Contact Persons Phyllis Hollis, President & CEO O: (212) 916 3888 Cell: (917) 804 8021 Email: phollis@cavusecurities.com Kinchen Bizzell, Managing Director,

More information

3. A damage assessment will be conducted by the IT Director, and if applicable vendor/consult, and reported back to Management.

3. A damage assessment will be conducted by the IT Director, and if applicable vendor/consult, and reported back to Management. 3. A damage assessment will be conducted by the IT Director, and if applicable vendor/consult, and reported back to Management. 4. Individuals required to assist in recovery of these services will be identified.

More information

STEP-BY-STEP BUSINESS CONTINUITY AND EMERGENCY PLANNING MAY 27 2015

STEP-BY-STEP BUSINESS CONTINUITY AND EMERGENCY PLANNING MAY 27 2015 STEP-BY-STEP BUSINESS CONTINUITY AND EMERGENCY PLANNING MAY 27 2015 AGENDA: Emergency Management Business Continuity Planning Q & A MONTH DAY, YEAR TITLE OF THE PRESENTATION 2 CANADIAN RED CROSS Disaster

More information

Business Continuity & Recovery Plan Summary

Business Continuity & Recovery Plan Summary Introduction An organization s ability to survive a significant business interruption is determined by the company s ability to develop, implement, and maintain viable recovery and business continuity

More information

SUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)

SUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA) UNIVERSITY OF PITTSBURGH POLICY SUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA) DATE: March 18, 2005 I. SCOPE This

More information

LIMCO AIREPAIR, INC. Disaster Plan

LIMCO AIREPAIR, INC. Disaster Plan LIMCO AIREPAIR, INC. Disaster Plan 1 INDEX EMERGENCY CONTACTS!! 5 REVISION CONTROL PAGE..!! 6 PURPOSE! SCOPE..!! 7! PLAN OBJECTIVES...!! 7! ASSUMPTIONS..!! 7! DISASTER DEFINITION..!! 7! RECOVERY TEAMS.!!

More information

BUSINESS CONTINUITY PLANNING

BUSINESS CONTINUITY PLANNING Policy 8.3.2 Business Responsible Party: President s Office BUSINESS CONTINUITY PLANNING Overview The UT Health Science Center at San Antonio (Health Science Center) is committed to its employees, students,

More information

INFORMATION TECHNOLOGY ENGINEER V

INFORMATION TECHNOLOGY ENGINEER V 1464 INFORMATION TECHNOLOGY ENGINEER V NATURE AND VARIETY OF WORK This is senior level lead administrative, professional and technical engineering work creating, implementing, and maintaining the County

More information

OKHAHLAMBA LOCAL MUNICIPALITY

OKHAHLAMBA LOCAL MUNICIPALITY OKHAHLAMBA LOCAL MUNICIPALITY I.T DISASTER RECOVERY PLAN 2012/2013 TABLE OF CONTENTS 1. INTRODUCTION 1 1.1 PURPOSE 2 1.2 OBJECTIVES 2 1.3 SCOPE 2 1.4 DISASTER RECOVERY STRATEGY 2 1.5 DISASTER DEFINITION

More information

Yale Business Continuity Program Emergency Response Guide

Yale Business Continuity Program Emergency Response Guide Contents Yale Business Continuity Program Emergency Response Guide March 2016 Introduction Immediate Actions Assess the Damage Determining Business Disruption Determining Plan of Action Relocation Checklist

More information

Business Continuity Plan

Business Continuity Plan Business Continuity Plan Introduction This manual documents the business continuity plan for Eastwood Wealth Management, an LPL Financial branch office that conducts business in: equity, fixed income,

More information

CENG Information Technology Services University of North Texas

CENG Information Technology Services University of North Texas CENG Information Technology Services University of North Texas for the Information Technology Services as applied To the University of North Texas College of Engineering 1.0 Agreement 1.1 Purpose CENGITS

More information

Clovis Municipal School District Information Technology (IT) Disaster Recovery Plan

Clovis Municipal School District Information Technology (IT) Disaster Recovery Plan Clovis Municipal School District Information Technology (IT) Disaster Recovery Plan Revision History REVISION DATE NAME DESCRIPTION Draft 1.0 Eric Wimbish IT Backup Disaster Table of Contents Information

More information

HIPAA Security Alert

HIPAA Security Alert Shipman & Goodwin LLP HIPAA Security Alert July 2008 EXECUTIVE GUIDANCE HIPAA SECURITY COMPLIANCE How would your organization s senior management respond to CMS or OIG inquiries about health information

More information

DESIGNATED CONTRACT MARKET OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE

DESIGNATED CONTRACT MARKET OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE DESIGNATED CONTRACT MARKET OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE Please provide all relevant documents responsive to the information requests listed within each area below. In addition to the

More information

Disaster Recovery Plan

Disaster Recovery Plan Disaster Recovery Plan This guide sets forth items to consider in the review of the firm s disaster recovery plan. You should form a committee to assess the plan and should assign activities under the

More information

INFORMATION ASSURANCE

INFORMATION ASSURANCE Service Definition Thomson Reuters Legal Matter Management service (Serengeti Tracker) is the highest rated legal matter management, e-billing and analytics system designed for inhouse legal departments.

More information

Exhibit to Data Center Services Service Component Provider Master Services Agreement

Exhibit to Data Center Services Service Component Provider Master Services Agreement Exhibit to Data Center Services Service Component Provider Master Services Agreement DIR Contract No. DIR-DCS-SCP-MSA-002 Between The State of Texas, acting by and through the Texas Department of Information

More information

SECTION 15 INFORMATION TECHNOLOGY

SECTION 15 INFORMATION TECHNOLOGY SECTION 15 INFORMATION TECHNOLOGY 15.1 Purpose 15.2 Authorization 15.3 Internal Controls 15.4 Computer Resources 15.5 Network/Systems Access 15.6 Disaster Recovery Plan (DRP) 15.1 PURPOSE The Navajo County

More information

Computer and Telecommunication Services Energy Management Plan. Introduction. Level Zero Standard Operating Procedures

Computer and Telecommunication Services Energy Management Plan. Introduction. Level Zero Standard Operating Procedures Computer and Telecommunication s Energy Management Plan Standard Operating Procedures Consolidation Reduction Cessation Introduction Technology is an integral component of university operations. Technology

More information

Oklahoma Bar Association Disaster Plan

Oklahoma Bar Association Disaster Plan Oklahoma Bar Association Disaster Plan Introduction An emergency is a condition or situation that requires immediate attention beyond what can be provided in a routine manner. An emergency will exist when

More information

Unit Guide to Business Continuity/Resumption Planning

Unit Guide to Business Continuity/Resumption Planning Unit Guide to Business Continuity/Resumption Planning (February 2009) Revised June 2011 Executive Summary... 3 Purpose and Scope for a Unit Business Continuity Plan(BCP)... 3 Resumption Planning... 4 Assumptions

More information

RECORDS MANAGEMENT POLICY

RECORDS MANAGEMENT POLICY RECORDS MANAGEMENT POLICY PURPOSE The purpose of this policy is to: Assist departments in effective utilization of space and efficient information retrieval; Establish guidelines for disposal of records;

More information

Post Incident Review

Post Incident Review UW-SUPERIOR TECHNOLOGY SERVICES Post Incident Review November 2014 Network Outage Gigi Koenig, Tom Janicki, Joe Kmiech and Jim Rink 12/1/2014 The purpose of this report is to provide a functional description

More information

SWAP EXECUTION FACILITY OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE

SWAP EXECUTION FACILITY OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE SWAP EXECUTION FACILITY OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE Please provide all relevant documents responsive to the information requests listed within each area below. In addition to the specific

More information

INFORMATION TECHNOLOGY SECURITY STANDARDS

INFORMATION TECHNOLOGY SECURITY STANDARDS INFORMATION TECHNOLOGY SECURITY STANDARDS Version 2.0 December 2013 Table of Contents 1 OVERVIEW 3 2 SCOPE 4 3 STRUCTURE 5 4 ASSET MANAGEMENT 6 5 HUMAN RESOURCES SECURITY 7 6 PHYSICAL AND ENVIRONMENTAL

More information

SCOPE; ENFORCEMENT; AUTHORITY; EXCEPTIONS

SCOPE; ENFORCEMENT; AUTHORITY; EXCEPTIONS Title: DRAFT USG Continuity of Operation Plan Policy Policy Number: 2009-Julian Date Topical Security Area: Document Type: Standard Pages: Words: Lines: 5 1,387 182 Issue Date: May-09 Effective Date: Immediately

More information

Local Government Cyber Security:

Local Government Cyber Security: Local Government Cyber Security: Guidelines for Backing Up Information A Non-Technical Guide Essential for Elected Officials Administrative Officials Business Managers Multi-State Information Sharing and

More information

Laney Information Technology Services

Laney Information Technology Services Laney Information Technology Services Mission Statement The mission of the Laney Information Technology Services (LITS) is to provide a scalable technological infrastructure, and provide innovation in

More information

Disaster Recovery Plan. (Updated Aug 30, 2015)

Disaster Recovery Plan. (Updated Aug 30, 2015) Disaster Recovery Plan (Updated Aug 30, 2015) St. Thomas School Disaster Plan TABLE OF CONTENTS Introduction... 3 General Definition... 3 Goal... 3 Advance Preparation and Emergency Response Phase Leadership...

More information

PAPER-6 PART-3 OF 5 CA A.RAFEQ, FCA

PAPER-6 PART-3 OF 5 CA A.RAFEQ, FCA Chapter-4: Business Continuity Planning and Disaster Recovery Planning PAPER-6 PART-3 OF 5 CA A.RAFEQ, FCA Learning Objectives 2 To understand the concept of Business Continuity Management To understand

More information

ISO 27001 Controls and Objectives

ISO 27001 Controls and Objectives ISO 27001 s and Objectives A.5 Security policy A.5.1 Information security policy Objective: To provide management direction and support for information security in accordance with business requirements

More information

Service Support. First Level Support (Tier I) provides immediate response to emergencies and customer questions. TSD - First Level Support

Service Support. First Level Support (Tier I) provides immediate response to emergencies and customer questions. TSD - First Level Support Service Support 1.1. First Level Support First Level Support (Tier I) provides immediate response to emergencies and customer questions TSD - First Level Support Office: Sub-Division: Extension: E-mail:

More information

Business Continuity & Recovery Plan Summary

Business Continuity & Recovery Plan Summary Introduction An organization s ability to survive a significant business interruption is determined by the company s ability to develop, implement, and maintain viable recovery and business continuity

More information

Business Continuity Planning and Disaster Recovery Planning

Business Continuity Planning and Disaster Recovery Planning 4 Business Continuity Planning and Disaster Recovery Planning Basic Concepts 1. Business Continuity Management: Business Continuity means maintaining the uninterrupted availability of all key business

More information

Decision on adequate information system management. (Official Gazette 37/2010)

Decision on adequate information system management. (Official Gazette 37/2010) Decision on adequate information system management (Official Gazette 37/2010) Pursuant to Article 161, paragraph (1), item (3) of the Credit Institutions Act (Official Gazette 117/2008, 74/2009 and 153/2009)

More information

PAPER-6 PART-4 OF 5 CA A.RAFEQ, FCA

PAPER-6 PART-4 OF 5 CA A.RAFEQ, FCA 1 Chapter-4: Business Continuity Planning and Disaster Recovery Planning PAPER-6 PART-4 OF 5 CA A.RAFEQ, FCA Learning Objectives 2 To understand the concept of Business Continuity Management To understand

More information

Cloud Services Service Level Agreement. Publish Date: 30/06/14 Version: 1.2. Cloud Services Service Level Agreement Page: 1

Cloud Services Service Level Agreement. Publish Date: 30/06/14 Version: 1.2. Cloud Services Service Level Agreement Page: 1 Cloud Services Service Level Agreement Publish Date: 30/06/14 Version: 1.2 Cloud Services Service Level Agreement Page: 1 Contents 1. Scope 3 2. Service Definitions 3 3. Service Provision 3 4. Supported

More information

CENTER FOR NUCLEAR WASTE REGULATORY ANALYSES

CENTER FOR NUCLEAR WASTE REGULATORY ANALYSES Page 1 of 5 ELECTRONIC FILE ARCHIVAL AND BACKUP PROCEDURES EFFECTIVITY AND APPROVAL Revision 1 of this procedure became effective on July 6, 2004. This procedure consists of the pages and changes listed

More information