ICT Disaster Recovery Plan

Size: px
Start display at page:

Download "ICT Disaster Recovery Plan"

Transcription

1 7 Appendix A ICT Disaster Recovery Plan Definition of a Disaster A computer disaster is the occurrence of any computer system or associated event which causes the interruption of business, leading in the short or long term to business losses in any form. The IT disaster plan needs to be followed in conjunction with any Corporate Business Recovery plans in place. There are many different scenarios which would constitute a disaster within the IT Service of the Council, depending on the seriousness and duration of the event. Levels of a Disaster These can be broadly broken down into severity. Level One Those which affect a small number of Users for a short period of time, such as the following: Hardware malfunction which does not preclude the majority of systems from being processed. Breakdown of part of the distributed network of PCs and terminals, for whatever reason. Unavailability of a particular application due to software malfunction Staff shortage which reduces the production schedule. All of the above would normally be expected to be corrected within a short period of time. ( 6 hours max) Level Two Those events which affect a large number of Users for a short period of time. Examples of these are as follows: Interruption of power supply Prevention of access - due to events elsewhere within the council building Major system breakdown Total network unavailability Virus Attack leading to denial of service Level Three Those events which affect a large number of Users for a long period of time. These are generally considered to be major disasters and would include the following: Prolonged denial of access for whatever reason (bomb threat etc) Hardware destroyed by fire, flood etc. Total long term loss of communications networks Criticality of Applications. The levels of a disaster as given above may be further influenced by the criticality of the application being affected. The following list of priorities is suggested, as a starting point for comparisons, depending on the requirements of the Council. Priority One Applications involving urgent payments. The main systems involved in this category would be:! Payroll! Housing Benefit payments All of these would require urgent payments to be made, regardless of whether or not a computer system was available.

2 8 Priority Two Applications involving other payments, cash collection or income generation or front end public service function. These applications would include the following:! Payments to Creditors/Suppliers! In-house cash receipting for all payments.! Council Tax billing Applications involving public service! Although still of major importance the delays involved for such systems may not become critical for a, providing reasonable manual procedures were implemented. These would include the following applications.! Environmental Health! Housing! Planning and Building Control! Highways (street lighting etc) An exception to this group may be the Electoral Register, depending on whether or not an election was due. Priority Three Applications for administrative and control purposes. Although highly inconvenient a loss of functionality of these systems would not cause significant loss if they were inoperable for a period of time as long as manual controls were in place. Examples of these are:! Office Automation! Accountancy It follows from the above details that all Services should be aware of the nature of the disaster and subsequent loss of ICT facilities, therefore alternative back up processes should be in place 3. Preventive Measures No one would disagree that "prevention is better than cure" but it is not always obvious what preventive measures can be taken nor indeed if the cost associated with those measures is worthwhile. As with all insurance, risk assessments have to be made and measures introduced accordingly. Risks to operational and strategic services are considered in the corporate risk assessment process. In the main the major preventive measures are already in place in this Council's IT Service. Measures already in place This Council has already installed or put into action the following: -! Restricted access to Computer Suite! Dedicated power supply?! No food or drink within the Computer Suite! Additional fire extinguishers! Automatic communication to Fire Service! Fire alarm warning connected to main alarm system! Uninterruptable power supplies for all major equipment! Improved network cabling resilience and cable management! Duplicated hardware and software systems (fault tolerant hardware and software)! Air-conditioning plant cut-out! Control of air-conditioning water supply! Fire proof safe for on-site data storage.! Comprehensive off-site data storage! Hardware maintenance contracts for all equipment! Internal security - passwords, restricted access to Users etc. Prevention against "hacking" by unauthorised users! 24hour virus checking software for both internal and external s! Firewalls and web filtering and monitoring! Good housekeeping - general safety precautions

3 9 Disaster Recovery Recovery of Data Having taken all possible precautions against the occurrence of a disaster the next area that requires careful planning is in disaster recovery. As previously explained there can be many different disaster scenarios of varying degrees of seriousness but they all involve similar recovery procedures; the difference lies in the relative scale of the disaster. Recovery of Data - Software and Applications. The security of data is perhaps the most obvious area where preparations can be put into place for reasonable recovery. Most people are aware of the vulnerability of data although few individuals will do very much to provide adequate security. This is one area where corporate systems and networks can prove to be invaluable as data security is usually taken away from the responsibility of the User and is actioned by professional IT staff, using the appropriate equipment. Data Security Within the IT Service The IT Service dedicates a significant amount of operational time in taking security copies of data (software and applications) in various ways. Copies of very large databases are taken several times throughout the day and night to ensure that should a "disaster" occur then the minimum time is lost in recovering from the event. This event may be a simple re-run of a job, because a User or operator input incorrect information, or it may involve the recovery of the data after a severe corruption due to fire or other incident. In the main data security is achieved by copying from live data files, which generally reside on on-line disks, to magnetic tape media of one kind or another which can be removed from the system and stored elsewhere, in fireproof storage or as off-site security. Within the IT Service there are three levels of security copies, each of which may contain several different copies of the data: Level One This comprises those copies of data which have been most recently taken and which are kept available within the computer room. Level Two These are copies of all data taken each day and the most recently available are stored overnight within a fire-proof safe. Level Three On a weekly basis the latest copy of data is stored in an off-site storage area to ensure that alternative copies of data are available. Data security is taken from many sources, for each of the different operating platforms that we use. Replacement of Hardware. With most disaster situations one of the elements of the recovery plan will be the replacement of computer hardware which has either failed for some reason or has been destroyed by fire or some other means. The range of hardware involved is so diverse and so numerous that it is not be possible to have duplicated hardware in place therefore it is be necessary to seek other means to replace the hardware. Contracts/Agreements in place There are agreements in place with various suppliers to minimise the risk of prolonged server downtime. Our primary contract for hardware replacement is NDR. The contract has been procured through a partnership arrangement with 7 other local authorities in Kent and gives hardware replacement cover for all critical systems in TWBC. On and off site testing is included and a programme of recovery tests is planned throughout the partnership. This contract also offers a number of seats in a recovery room provided by NDR in the event that access to the Town Hall is restricted..

4 10 Other Service's Hardware Requirements. Depending upon the extent of the disaster it may also be necessary to obtain other distributed hardware such as PC equipment and terminals as well as other communications hardware such as modems, switches and routers. It is not considered that this would be a problem as all of this equipment is readily available in the market place and costs involved would be covered by insurance provision. Alternative Sites For all but the major disasters it is unlikely that the actual Computer Room Suite would be affected and therefore the provision of an alternative site would not be required. However, should a major disaster occur, such as a fire or flood, it is quite likely that the computer site would not be usable, at least in the short to medium term. In these instances an alternative site would be required to provide somewhere to install the repaired or replacement equipment. In the event of such a disaster or significant Denial of Access to the Town Hall, guidance should be sought from the corporate business recovery plan or technical emergency plan, to facilitate in liason with our primary disaster recovery contractor (NDR) the rapid deployment of ICT systems in alternative sites. Connection of Communication links. As all our local area networks are available anywhere on the network, and from the internet, as long as the integrity of the network is proved there should be no issues regarding access. Connection to remote links, such as Cranbrook offices, may need to be negotiated with British Telecom.

5 11 Actions in the event of a disaster occurring. " Identify the level and extent of the disaster - What has happened? " Where has it happened? " What people are affected/hurt etc? " What equipment is affected/destroyed? " What premises are affected and how severely? " Which computer services have been affected? " Are they priority 1,2,3 or 4 or a combination of these - What is the order of priority? " How long will these services be affected, short medium or long term? " Notify people involved with the Disaster Recovery Plan (DRP) - IT staff : who will do what? " Senior Management " Support Services? NDR, Insite etc " Equipment Suppliers? " External technical support services? Ie specific application support " Notify people involved with the Disaster - Users affected, by priority? " Customers affected, via Users? " Arrange for Users to invoke alternative/manual procedures? " Arrange for alternative site preparation - Inform suppliers of requirement? " Prepare site for portable unit? " Arrange for power supply connections? " Arrange for alternative communications - Provide for air-conditioning equipment? " Contact equipment supplier? " Inform supplier what equipment required, in priority order? " Obtain possible dates of delivery and publish to those affected? " What recovery can be made? " Is any equipment usable if moved - Can recovery work begin? " Locate recovery security copies of data and software? " Should the public be informed?

6 12 Disaster Recovery First Steps Identify the level and extent of the disaster - What has happened? Where has it happened? Who is affected Identify priority services Notify relevant parties regarding extent and complexity of disaster IT Staff External support services Senior managers Customers/Users Invoke Business Continuity Plan and Emergency Plan if required

Birkenhead Sixth Form College IT Disaster Recovery Plan

Birkenhead Sixth Form College IT Disaster Recovery Plan Author: Role: Mal Blackburne College Learning Manager Page 1 of 14 Introduction...3 Objectives/Constraints...3 Assumptions...4 Incidents Requiring Action...4 Physical Safeguards...5 Types of Computer Service

More information

Document Details. 247Time Backup & Disaster Recovery Plan. Author: Document Tracking. Page 1 of 12

Document Details. 247Time Backup & Disaster Recovery Plan. Author: Document Tracking. Page 1 of 12 Document Details Title: Author: 247Time Backup & Disaster Recovery Plan Document Tracking Page 1 of 12 TABLE OF CONTENTS 1 INTRODUCTION... 3 1.1 OVERVIEW... 3 1.2 DEFINED REQUIREMENT... 3 2 DISASTER OVERVIEW...

More information

Business continuity strategy

Business continuity strategy Business continuity strategy 2009 2012 Table of contents 1 Why this strategy is needed 3 2 Aim of the strategy 4 3 Our approach to business continuity 4 PROCESS 4 STRUCTURE 5 DOCUMENTATION 6 DISRUPTION

More information

APPENDIX 7. ICT Disaster Recovery Plan

APPENDIX 7. ICT Disaster Recovery Plan APPENDIX 7 ICT Disaster Recovery Plan This policy was approved and ratified by the Governing Body of Cox Green School on 15 th October 2013 Signed: Chair of Governors Date: Ratified: Oct 2013 Review: Sep

More information

SUBJECT: REPLACEMENT OF CORPORATE ELECTRONIC DATA STORAGE, BACKUP AND DISASTER RECOVERY SOLUTIONS

SUBJECT: REPLACEMENT OF CORPORATE ELECTRONIC DATA STORAGE, BACKUP AND DISASTER RECOVERY SOLUTIONS REPORT TO CABINET TO BE HELD ON 15 SEPTEMBER 2015 Key Decision No Forward Plan Ref No 23K Corporate Priority The proposals in this report contribute to the delivery of all the Council s priorities Cabinet

More information

Grasmere Primary School Asset Management Policy

Grasmere Primary School Asset Management Policy Grasmere Primary School Asset Management Policy 1. INTRODUCTION: 1.1.1 The Governing Body of Grasmere Primary School is responsible for the proper management and security of the school premises and the

More information

Contract # 04-06. Accepted on: March 29, 2005. Starling Systems. 711 S. Capitol Way, Suite 301 Olympia, WA 98501

Contract # 04-06. Accepted on: March 29, 2005. Starling Systems. 711 S. Capitol Way, Suite 301 Olympia, WA 98501 Disaster Recovery Plan Starling Systems Deliverable #15 - Draft I Contract # 04-06 Accepted on: March 29, 2005 Starling Systems 711 S. Capitol Way, Suite 301 Olympia, WA 98501 DISASTER RECOVERY PLAN TABLE

More information

Information Security Policy September 2009 Newman University IT Services. Information Security Policy

Information Security Policy September 2009 Newman University IT Services. Information Security Policy Contents 1. Statement 1.1 Introduction 1.2 Objectives 1.3 Scope and Policy Structure 1.4 Risk Assessment and Management 1.5 Responsibilities for Information Security 2. Compliance 3. HR Security 3.1 Terms

More information

Preparing a Disaster Recovery Plan (Church)

Preparing a Disaster Recovery Plan (Church) Preparing a Disaster Recovery Plan (Church) In the event of a serious fire, a church may be required to close during the rebuilding period. The rebuilding process can take up to two years or more. Heritage

More information

APPENDIX 7. ICT Disaster Recovery Plan

APPENDIX 7. ICT Disaster Recovery Plan APPENDIX 7 ICT Disaster Recovery Plan This policy was approved and ratified by the Governing Body of Cox Green School on 20 th October 2015 Signed: Chair of Governors Date: Version Authorisation Approval

More information

BACKUP STRATEGY AND DISASTER RECOVERY POLICY STATEMENT

BACKUP STRATEGY AND DISASTER RECOVERY POLICY STATEMENT TADCASTER GRAMMAR SCHOOL Toulston, Tadcaster, North Yorkshire. LS24 9NB BACKUP STRATEGY AND DISASTER RECOVERY POLICY STATEMENT Written by Steve South November 2003 Discussed with ICT Strategy Group January

More information

Local Government Cyber Security:

Local Government Cyber Security: Local Government Cyber Security: Guidelines for Backing Up Information A Non-Technical Guide Essential for Elected Officials Administrative Officials Business Managers Multi-State Information Sharing and

More information

Program: Management Information Systems. David Pfafman 01/11/2006

Program: Management Information Systems. David Pfafman 01/11/2006 Effective 04/20/2005 Page - 1 - POLICY: PURPOSE: It is the policy of to provide a plan to insure the accessibility of protected health information (PHI) in the event of data loss due to an emergency or

More information

The evolution of data connectivity

The evolution of data connectivity Leveraging the Benefits of IP and the Cloud in the Security Sector The CCTV and alarm industry has relied on analogue or Integrated Services Digital Network (ISDN) communications to provide data connectivity

More information

BUSINESS CONTINUITY PLAN

BUSINESS CONTINUITY PLAN BUSINESS CONTINUITY PLAN Signed Governor Print Name Date: Review: 1 To provide guidance to school staff, governors and external parties on how to react to disruption major or minor. 1. Rationale 1.1 To

More information

Disaster Recovery & Business Continuity Plan for ICT Services

Disaster Recovery & Business Continuity Plan for ICT Services Dartmoor National Park Authority Disaster Recovery & Business Continuity Plan for ICT Services August 2010 This document is copyright to Dartmoor National Park Authority and should not be used or adapted

More information

Supplier IT Security Guide

Supplier IT Security Guide Revision Date: 28 November 2012 TABLE OF CONTENT 1. INTRODUCTION... 3 2. PURPOSE... 3 3. GENERAL ACCESS REQUIREMENTS... 3 4. SECURITY RULES FOR SUPPLIER WORKPLACES AT AN INFINEON LOCATION... 3 5. DATA

More information

Business Continuity Management For Small to Medium-Sized Businesses

Business Continuity Management For Small to Medium-Sized Businesses Business Continuity Management For Small to Medium-Sized Businesses Produced by NORMIT and Norfolk County Council Resilience Team For an electronic copy of this document visit www.normit.org Telephone

More information

NETWORK SERVICES WITH SOME CREDIT UNIONS PROCESSING 800,000 TRANSACTIONS ANNUALLY AND MOVING OVER 500 MILLION, SYSTEM UPTIME IS CRITICAL.

NETWORK SERVICES WITH SOME CREDIT UNIONS PROCESSING 800,000 TRANSACTIONS ANNUALLY AND MOVING OVER 500 MILLION, SYSTEM UPTIME IS CRITICAL. NETWORK SERVICES WITH SOME CREDIT UNIONS PROCESSING 800,000 TRANSACTIONS ANNUALLY AND MOVING OVER 500 MILLION, SYSTEM UPTIME IS CRITICAL. Your Credit Union information is irreplaceable. Data loss can result

More information

Technology Solutions That Make Business Sense. The 10 Disaster Planning Essentials For A Small Business Network

Technology Solutions That Make Business Sense. The 10 Disaster Planning Essentials For A Small Business Network Technology Solutions That Make Business Sense. The 10 Disaster Planning Essentials For A Small Business Network If your data is important to your business and you cannot afford to have your operations

More information

Business Continuity Planning (BCP) / Disaster Recovery (DR)

Business Continuity Planning (BCP) / Disaster Recovery (DR) Business Continuity Planning (BCP) / Disaster Recovery (DR) Introduction Interruptions to business functions can result from major natural disasters such as earthquakes, floods, and fires, or from man-made

More information

Rotherham CCG Network Security Policy V2.0

Rotherham CCG Network Security Policy V2.0 Title: Rotherham CCG Network Security Policy V2.0 Reference No: Owner: Author: Andrew Clayton - Head of IT Robin Carlisle Deputy - Chief Officer D Stowe ICT Security Manager First Issued On: 17 th October

More information

Business Continuity Plan Guidance and Template to support Small Businesses

Business Continuity Plan Guidance and Template to support Small Businesses Business Continuity Plan Guidance and Template to support Small Businesses Disclaimer This template and guidance is provided as general information about Business Continuity Planning. It is not intended

More information

business continuity plan for:

business continuity plan for: business continuity plan for: Insert your company name here Our statement of Business Continuity is: > To ensure all employees are competent to do their tasks, and to provide adequate training > To review

More information

Please note this policy is mandatory and staff are required to adhere to the content

Please note this policy is mandatory and staff are required to adhere to the content Policy ICT Security Please note this policy is mandatory and staff are required to adhere to the content Summary DECD is committed to ensuring its information is appropriately managed according to the

More information

IT Disaster Recovery Plan Template

IT Disaster Recovery Plan Template HOPONE INTERNET CORP IT Disaster Recovery Plan Template Compliments of: Tim Sexton 1/1/2015 An information technology (IT) disaster recovery (DR) plan provides a structured approach for responding to unplanned

More information

IT Disaster Recovery Plan Template. By Paul Kirvan, CISA, CISSP, FBCI, CBCP

<Client Name> IT Disaster Recovery Plan Template. By Paul Kirvan, CISA, CISSP, FBCI, CBCP IT Disaster Recovery Plan Template By Paul Kirvan, CISA, CISSP, FBCI, CBCP Revision History REVISION DATE NAME DESCRIPTION Original 1.0 2 Table of Contents Information Technology Statement

More information

MAXIMUM PROTECTION, MINIMUM DOWNTIME

MAXIMUM PROTECTION, MINIMUM DOWNTIME MANAGED SERVICES MAXIMUM PROTECTION, MINIMUM DOWNTIME Get peace of mind with proactive IT support Designed to protect your business, save you money and give you peace of mind, Talon Managed Services is

More information

CLOUD SERVICE SCHEDULE

CLOUD SERVICE SCHEDULE CLOUD SERVICE SCHEDULE 1 DEFINITIONS Defined terms in the Standard Terms and Conditions have the same meaning in this Service Schedule unless expressed to the contrary. In this Service Schedule, unless

More information

Corporate Business Continuity Plan

Corporate Business Continuity Plan Corporate Business Continuity Plan Introduction The Council is a major business in the Town, and as part of its Quality Management System must ensure that it can recover quickly from a disaster which affects

More information

The 10 Disaster Planning Essentials For A Small Business Network

The 10 Disaster Planning Essentials For A Small Business Network The 10 Disaster Planning Essentials For A Small Business Network If your data is important to your business and you cannot afford to have your operations halted for days even weeks due to data loss or

More information

DPS HOSTED SOLUTIONS

DPS HOSTED SOLUTIONS DPS HOSTED SOLUTIONS DPS SOFTWARE 288 SOUTHBURY ROAD ENFIELD MIDDLESEX EN1 1TR DATE: OCTOBER 2009 DPS Software 2009 1 INDEX DPS HOSTED SOLUTIONS 1 INTRODUCTION 3 DPS HOSTING OVERVIEW 4 WHAT HAPPENS IF

More information

How Small/ Mid Size Companies Can Protect Their Business. Introduction

How Small/ Mid Size Companies Can Protect Their Business. Introduction Be Prepared How Small/ Mid Size Companies Can Protect Their Business By Sean W. O Donnell, President, Datacor, Inc. Introduction Recent disasters have brought the need for organizations to focus on business

More information

Course: Information Security Management in e-governance. Day 2. Session 5: Disaster Recovery Planning

Course: Information Security Management in e-governance. Day 2. Session 5: Disaster Recovery Planning Course: Information Security Management in e-governance Day 2 Session 5: Disaster Recovery Planning Agenda Introduction to Disaster Recovery Planning (DRP) Need for disaster recovery planning Approach

More information

ICT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY

ICT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY ICT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY Version 1.0 Ratified By Date Ratified Author(s) Responsible Committee / Officers Issue Date Review Date Intended Audience Impact Assessed CCG Committee

More information

ASX CLEAR (FUTURES) OPERATING RULES Guidance Note 10

ASX CLEAR (FUTURES) OPERATING RULES Guidance Note 10 BUSINESS CONTINUITY AND DISASTER RECOVERY The purpose of this Guidance Note The main points it covers To assist participants to understand the disaster recovery and business continuity arrangements they

More information

IT Checklist. for Small Business INFORMATION TECHNOLOGY & MANAGEMENT INTRODUCTION CHECKLIST

IT Checklist. for Small Business INFORMATION TECHNOLOGY & MANAGEMENT INTRODUCTION CHECKLIST INFORMATION TECHNOLOGY & MANAGEMENT IT Checklist INTRODUCTION A small business is unlikely to have a dedicated IT Department or Help Desk. But all the tasks that a large organization requires of its IT

More information

Cyber Security: Guidelines for Backing Up Information. A Non-Technical Guide

Cyber Security: Guidelines for Backing Up Information. A Non-Technical Guide Cyber Security: Guidelines for Backing Up Information A Non-Technical Guide Essential for Executives, Business Managers Administrative & Operations Managers This appendix is a supplement to the Cyber Security:

More information

Offsite Disaster Recovery Plan

Offsite Disaster Recovery Plan 1 Offsite Disaster Recovery Plan Offsite Disaster Recovery Plan Presented By: Natan Verkhovsky President Disty Portal Inc. 2 Offsite Disaster Recovery Plan Introduction This document is a comprehensive

More information

Pervasive PSQL Meets Critical Business Requirements

Pervasive PSQL Meets Critical Business Requirements Pervasive PSQL Meets Critical Business Requirements Pervasive PSQL White Paper May 2012 Table of Contents Introduction... 3 Data Backup... 3 Pervasive Backup Agent... 3 Pervasive PSQL VSS Writer... 5 Pervasive

More information

Guardian365. Managed IT Support Services Suite

Guardian365. Managed IT Support Services Suite Guardian365 Managed IT Support Services Suite What will you get from us? Award Winning Team Deloitte Best Managed Company in 2015. Ranked in the Top 3 globally for Best Managed Service Desk by the Service

More information

DISASTER RECOVERY AND BUSINESS CONTINUITY

DISASTER RECOVERY AND BUSINESS CONTINUITY DISASTER RECOVERY AND BUSINESS CONTINUITY ISO 9001/27001 PARTNER ONLY NODE4 LIMITED 03/01/2014 DISASTER RECOVERY PLAN This plan will be held at Node4 s premises located at Pride Park in Derby and also

More information

5 DEADLY MISTAKES THAT BUSINESS OWNERS MAKE WITH THEIR COMPUTER NETWORKS AND HOW TO PROTECT YOUR BUSINESS

5 DEADLY MISTAKES THAT BUSINESS OWNERS MAKE WITH THEIR COMPUTER NETWORKS AND HOW TO PROTECT YOUR BUSINESS 5 DEADLY MISTAKES THAT BUSINESS OWNERS MAKE WITH THEIR COMPUTER NETWORKS AND HOW TO PROTECT YOUR BUSINESS 1 Introduction As small and mid-sized companies rely more heavily on their computer networks to

More information

Countering and reducing ICT security risks 1. Physical and environmental risks

Countering and reducing ICT security risks 1. Physical and environmental risks Countering and reducing ICT security risks 1. Physical and environmental risks 1. Physical and environmental risks Theft of equipment from staff areas and Theft of equipment from public areas Theft of

More information

WEST LOTHIAN COUNCIL INFORMATION SECURITY POLICY

WEST LOTHIAN COUNCIL INFORMATION SECURITY POLICY WEST LOTHIAN COUNCIL INFORMATION SECURITY POLICY DATA LABEL: PUBLIC INFORMATION SECURITY POLICY CONTENTS 1. INTRODUCTION... 3 2. MAIN OBJECTIVES... 3 3. LEGISLATION... 4 4. SCOPE... 4 5. STANDARDS... 4

More information

ASX SETTLEMENT OPERATING RULES Guidance Note 10

ASX SETTLEMENT OPERATING RULES Guidance Note 10 BUSINESS CONTINUITY AND DISASTER RECOVERY The purpose of this Guidance Note The main points it covers To assist participants to understand the disaster recovery and business continuity arrangements they

More information

Version 1.0. Ratified By

Version 1.0. Ratified By ICT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY Version 1.0 Ratified By Date Ratified 5 th March 2013 Author(s) Responsible Committee / Officers Issue Date 5 th March 2013 Review Date Intended Audience

More information

Data Security and Data Protection

Data Security and Data Protection Most companies are totally reliant on information stored on their PCs, Laptops and Networks. If plant machinery stops working it can be replaced without too much inconvenience. If a computer stops working

More information

ULH-IM&T-ISP06. Information Governance Board

ULH-IM&T-ISP06. Information Governance Board Network Security Policy Policy number: Version: 2.0 New or Replacement: Approved by: ULH-IM&T-ISP06 Replacement Date approved: 30 th April 2007 Name of author: Name of Executive Sponsor: Name of responsible

More information

Business Continuity Business Continuity Management Policy

Business Continuity Business Continuity Management Policy Business Continuity Business Continuity Management Policy : Date of Issue: 28 January 2009 Version no: 1.1 Review Date: January 2010 Document Owner: Patricia Hughes Document Authoriser: Tony Curtis 1 Version

More information

Nine Steps to Smart Security for Small Businesses

Nine Steps to Smart Security for Small Businesses Nine Steps to Smart Security for Small Businesses by David Lacey Co-Founder, Jericho Forum Courtesy of TABLE OF CONTENTS INTRODUCTION... 1 WHY SHOULD I BOTHER?... 1 AREN T FIREWALLS AND ANTI-VIRUS ENOUGH?...

More information

BUSINESS CONTINUITY PLAN

BUSINESS CONTINUITY PLAN BUSINESS CONTINUITY PLAN Business Name: Phone # Cell # Emergency Contact Information: Dial 9-1-1 in an Emergency Non-Emergency: Police: Fire: Insurance Provider: Emergency Planning Team: I. CRITICAL OPERATIONS

More information

DETAIL AUDIT PROGRAM Information Systems General Controls Review

DETAIL AUDIT PROGRAM Information Systems General Controls Review Contributed 4/23/99 by Steve_Parker/TBE/Teledyne@teledyne.com DETAIL AUDIT PROGRAM Information Systems General Controls Review 1.0 Introduction The objectives of this audit are to review policies, procedures,

More information

The University of Iowa. Enterprise Information Technology Disaster Plan. Version 3.1

The University of Iowa. Enterprise Information Technology Disaster Plan. Version 3.1 Version 3.1 November 22, 2004 TABLE OF CONTENTS PART 1: DISASTER RECOVERY EXPECTATIONS... 3 OVERVIEW...3 EXPECTATIONS PRIOR TO AN INCIDENT OCCURRENCE...3 EXPECTATIONS PRIOR TO A DISASTER OCCURRENCE...4

More information

Hong Kong Baptist University

Hong Kong Baptist University Hong Kong Baptist University Disaster Recovery Standard FOR INTERNAL USE ONLY Date of Issue: JULY 2012 Revision History Version Author Date Revision 1.0 Information Security Subcommittee (ISSC) July 2012

More information

Karen Winter Service Manager Schools and Traded Services 01823 355267 KWinter@somerset.gov.uk

Karen Winter Service Manager Schools and Traded Services 01823 355267 KWinter@somerset.gov.uk Somerset Services to Education Providers 2014-2015 SOUTHWEST ONE TECHNOLOGY SERVICES Service Provider: Southwest One Service Category: Academy Schools - Chargeable Contact: Karen Winter Service Manager

More information

Availability and Disaster Recovery: Basic Principles

Availability and Disaster Recovery: Basic Principles Availability and Disaster Recovery: Basic Principles by Chuck Petch, WVS Senior Technical Writer At first glance availability and recovery may seem like opposites. Availability involves designing computer

More information

The Ministry of Information & Communication Technology MICT

The Ministry of Information & Communication Technology MICT The Ministry of Information & Communication Technology MICT Document Reference: ISGSN2012-10-01-Ver 1.0 Published Date: March 2014 1 P a g e Table of Contents Table of Contents... 2 Definitions... 3 1.

More information

BNA FEDERAL CREDIT UNION DISASTER RECOVERY PLAN

BNA FEDERAL CREDIT UNION DISASTER RECOVERY PLAN BNA FEDERAL CREDIT UNION DISASTER RECOVERY PLAN INTRODUCTION The need for a contingency plan for business interruptions is vital to the operations of the BNA Federal Credit Union. Without such a plan,

More information

RPI Employee s Federal Credit Union Business Continuity/Disaster Recovery Plan. January 23, 2012

RPI Employee s Federal Credit Union Business Continuity/Disaster Recovery Plan. January 23, 2012 RPI Employee s Federal Credit Union Business Continuity/Disaster Recovery Plan January 23, 2012 Purpose and Objectives 2 Disaster Recovery Organizational Structure 3 Appendices: Disaster Recovery Emergency

More information

MANAGED WORKSTATIONS: Keeping your IT running

MANAGED WORKSTATIONS: Keeping your IT running MANAGED WORKSTATIONS: Keeping your IT running What state are your PCs in? Systems running slowly? PCs or laptops crashing for no reason? Too much time trying to resolve simple IT issues? Out-of-date software?

More information

Network Security Policy

Network Security Policy IGMT/15/036 Network Security Policy Date Approved: 24/02/15 Approved by: HSB Date of review: 20/02/16 Policy Ref: TSM.POL-07-12-0100 Issue: 2 Division/Department: Nottinghamshire Health Informatics Service

More information

INFORMATION SECURITY MANAGEMENT SYSTEM. Version 1c

INFORMATION SECURITY MANAGEMENT SYSTEM. Version 1c INFORMATION SECURITY MANAGEMENT SYSTEM Version 1c Revised April 2011 CONTENTS Introduction... 5 1 Security Policy... 7 1.1 Information Security Policy... 7 1.2 Scope 2 Security Organisation... 8 2.1 Information

More information

IT Data Security Policy

IT Data Security Policy IT Data Security Policy Contents 1. Purpose...2 2. Scope...2 3. Policy...2 Access to the University computer network... 3 Security of computer network... 3 Data backup... 3 Secure destruction of data...

More information

Contents. Finance and Information Technology Directorate. Disaster Recovery Policy

Contents. Finance and Information Technology Directorate. Disaster Recovery Policy Finance and Information Technology Directorate Contents 0. Revision History 1. Background 2. Risks 3. General Principles of Service Provision 4. Server Rooms 5. Local Area Network 6. Common Services 7.

More information

Don t gamble with your business prepare for survival

Don t gamble with your business prepare for survival Don t gamble with your business prepare for survival Businesslike, efficient and customer aware This guide will help you to identify potential risks, make preparations for emergencies and test how your

More information

EDP HOSTING SERVICES Reducing Your Costs & Protecting Your Business

EDP HOSTING SERVICES Reducing Your Costs & Protecting Your Business EDP HOSTING SERVICES Reducing Your Costs & Protecting Your Business Cost-effective, client focused, business solutions. Building relationships for business growth Considering outsourcing your computing

More information

Oadby and Wigston Borough Council. Information and Communications Technology (I.C.T.) Section

Oadby and Wigston Borough Council. Information and Communications Technology (I.C.T.) Section Appendix 1 Oadby and Wigston Borough Council Information and Communications Technology (I.C.T.) Section Information Communication Technology Contingency and Disaster Recovery Plan Version 0.1 10/04/09

More information

Business Continuity Plan Toolkit

Business Continuity Plan Toolkit Business Continuity Plan Toolkit March 2015 1 Contents The Template instructions for use... 2 Introduction... 3 What is the purpose of this toolkit?... 3 Why do you need a Business Continuity Plan?...

More information

Cloud Computing. Chapter 10 Disaster Recovery and Business Continuity and the Cloud

Cloud Computing. Chapter 10 Disaster Recovery and Business Continuity and the Cloud Cloud Computing Chapter 10 Disaster Recovery and Business Continuity and the Cloud Learning Objectives Define and describe business continuity. Define and describe disaster recovery. Describe the benefits

More information

ICT SECURITY POLICY. Strategic Aim To continue to develop and ensure effective leadership, governance and management throughout the organisation

ICT SECURITY POLICY. Strategic Aim To continue to develop and ensure effective leadership, governance and management throughout the organisation ICT SECURITY POLICY Strategic Aim To continue to develop and ensure effective leadership, governance and management throughout the organisation Responsibility Assistant Principal, Learner Services Jannette

More information

Business Continuity Planning and Disaster Recovery Planning

Business Continuity Planning and Disaster Recovery Planning 4 Business Continuity Planning and Disaster Recovery Planning Basic Concepts 1. Business Continuity Management: Business Continuity means maintaining the uninterrupted availability of all key business

More information

IT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY

IT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY IT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY Version 3.0 Ratified By Date Ratified April 2013 Author(s) Responsible Committee / Officers Issue Date January 2014 Review Date Intended Audience Impact

More information

IT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY (for Cheshire CCGs)

IT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY (for Cheshire CCGs) IT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY (for Cheshire CCGs) Version 3.2 Ratified By Date Ratified November 2014 Author(s) Responsible Committee / Officers Issue Date November 2014 Review Date

More information

Backup and Redundancy

Backup and Redundancy Backup and Redundancy White Paper NEC s UC for Business Backup and Redundancy allow businesses to operate with confidence, providing security for themselves and their customers. When a server goes down

More information

Ohio Supercomputer Center

Ohio Supercomputer Center Ohio Supercomputer Center IT Business Continuity Planning No: Effective: OSC-13 06/02/2009 Issued By: Kevin Wohlever Director of Supercomputer Operations Published By: Ohio Supercomputer Center Original

More information

Disaster Recovery for Small Businesses

Disaster Recovery for Small Businesses Technical White Paper Disaster Recovery for Small Businesses A disaster recovery plan helps you understand what data is critical to your business operations and how to best protect it from unexpected failures.

More information

UoB Risk Assessment Methodology

UoB Risk Assessment Methodology [Type here] UoB Risk Assessment Methodology The Risk Assessment Methodology describes how information security risk will be managed, including guidance for assessing, scoring, choosing acceptance or treatment

More information

ICT, PROCUREMENT AND ASSET MANAGEMENT 18 APRIL 2008 SUB-COMMITTEE DISASTER RECOVERY/CONTINGENCY PLANNING

ICT, PROCUREMENT AND ASSET MANAGEMENT 18 APRIL 2008 SUB-COMMITTEE DISASTER RECOVERY/CONTINGENCY PLANNING ICT, PROCUREMENT AND ASSET MANAGEMENT 18 APRIL 2008 SUB-COMMITTEE DISASTER RECOVERY/CONTINGENCY PLANNING Report by Director of Finance and Corporate Resources PURPOSE OF REPORT To bring before the Sub-Committee

More information

How to Build a Comprehensive Business Continuity Plan

How to Build a Comprehensive Business Continuity Plan How to Build a Comprehensive Business Continuity Plan Business continuity planning is essential for any business. A business continuity plan carried out effectively will enable any business to continue

More information

Connors State College

Connors State College Connors State College Page 1 Connors State College IT Systems Disaster Recovery Plan Connors State College - 1 - Information Technology Systems Connors State College Page 2 Disclaimer: The techniques for

More information

MANAGED SERVICES ON DEMAND SERVICES BACKUP AND DISASTER RECOVERY CLOUD SERVICES HARDWARE AS A SERVICE. Exceed Best

MANAGED SERVICES ON DEMAND SERVICES BACKUP AND DISASTER RECOVERY CLOUD SERVICES HARDWARE AS A SERVICE. Exceed Best MANAGED SERVICES ON DEMAND SERVICES BACKUP AND DISASTER RECOVERY CLOUD SERVICES HARDWARE AS A SERVICE Avoid the capital investment required for maintaining and replacing your technology. Our Hardware as

More information

Contents. Introduction. What is the Cloud? How does it work? Types of Cloud Service. Cloud Service Providers. Summary

Contents. Introduction. What is the Cloud? How does it work? Types of Cloud Service. Cloud Service Providers. Summary Contents Introduction What is the Cloud? How does it work? Types of Cloud Service Cloud Service Providers Summary Introduction The CLOUD! It seems to be everywhere these days; you can t get away from it!

More information

MSP Service Matrix. Servers

MSP Service Matrix. Servers Servers MSP Service Matrix Microsoft Windows O/S Patching - Patches automatically updated on a regular basis to the customer's servers and desktops. MS Baseline Analyzer and MS WSUS Server used Server

More information

Disaster Recovery Strategy for Microsoft Environment

Disaster Recovery Strategy for Microsoft Environment Disaster Recovery Strategy for Microsoft Environment Introduction In business, a computer disaster equals an event that halts the normal operation of day-to-day business activities. A disastrous event

More information

Data Backup Options for SME s

Data Backup Options for SME s Data Backup Options for SME s As an IT Solutions company, Alchemy are often asked what is the best backup solution? The answer has changed over the years and depends a lot on your situation. We recognize

More information

Primary Eyecare Cheshire Ltd: Business Continuity and Disaster Recovery Plan

Primary Eyecare Cheshire Ltd: Business Continuity and Disaster Recovery Plan Document name: Primary Eyecare Cheshire Ltd: Business Continuity and Disaster Recovery Plan Date created: January 2015 Author: LOCSU Approved by: Board of Directors on 26/01/2015 Primary Eyecare Cheshire

More information

SERVICE LEVEL AGREEMENT

SERVICE LEVEL AGREEMENT SERVICE LEVEL AGREEMENT This Service Level Agreement (SLA) is provided by ECS and is intended to define services and responsibilities between ECS and customer. ECS along with contracted 3 rd party partners

More information

ICT Policy. Executive Summary. Date of ratification Executive Team Committee 22nd October 2013. Document Author(s) Collette McQueen

ICT Policy. Executive Summary. Date of ratification Executive Team Committee 22nd October 2013. Document Author(s) Collette McQueen ICT Policy THCCGIT20 Version: 01 Executive Summary This document defines the Network Infrastructure and File Server Security Policy for Tower Hamlets Clinical Commissioning Group (CCG). The Network Infrastructure

More information

Operational Risk Publication Date: May 2015. 1. Operational Risk... 3

Operational Risk Publication Date: May 2015. 1. Operational Risk... 3 OPERATIONAL RISK Contents 1. Operational Risk... 3 1.1 Legislation... 3 1.2 Guidance... 3 1.3 Risk management process... 4 1.4 Risk register... 7 1.5 EBA Guidelines on the Security of Internet Payments...

More information

DISASTER RECOVERY AND NETWORK REDUNDANCY WHITE PAPER

DISASTER RECOVERY AND NETWORK REDUNDANCY WHITE PAPER DISASTER RECOVERY AND NETWORK REDUNDANCY WHITE PAPER Disasters or accidents would cause great harm on network infrastructure. It is unavoidable and the operation of network would be hampered for a long

More information

Education and Workforce Development Cabinet POLICY/PROCEDURE. Policy Number: EDU-06 Effective Date: April 15, 2006 Revision Date: December 20, 2012

Education and Workforce Development Cabinet POLICY/PROCEDURE. Policy Number: EDU-06 Effective Date: April 15, 2006 Revision Date: December 20, 2012 Education and Workforce Development Cabinet POLICY/PROCEDURE Policy Number: EDU-06 Effective Date: April 15, 2006 Revision Date: December 20, 2012 Subject: Backup Procedures Tower and Server Farms Policy:

More information

Records Management and Security Procedure. Approved by: Executive Management Team Version: 1.2 Date: 21.9.2015

Records Management and Security Procedure. Approved by: Executive Management Team Version: 1.2 Date: 21.9.2015 Document: Records Management and Security Procedure Approved by: Executive Management Team Version: 1.2 Date: 21.9.2015 1. Overview Senior management of Wentworth Institute ( WINWIN ) have a legal responsibility

More information

Planning and Implementing Disaster Recovery for DICOM Medical Images

Planning and Implementing Disaster Recovery for DICOM Medical Images Planning and Implementing Disaster Recovery for DICOM Medical Images A White Paper for Healthcare Imaging and IT Professionals I. Introduction It s a given - disaster will strike your medical imaging data

More information

IT - General Controls Questionnaire

IT - General Controls Questionnaire IT - General Controls Questionnaire Internal Control Questionnaire Question Yes No N/A Remarks G1. ACCESS CONTROLS Access controls are comprised of those policies and procedures that are designed to allow

More information

DISASTER RECOVERY PLAN FOR MKHAMBATHINI MUNICIPALITY

DISASTER RECOVERY PLAN FOR MKHAMBATHINI MUNICIPALITY DISASTER RECOVERY PLAN FOR MKHAMBATHINI MUNICIPALITY 1 Document Approval This document has been endorsed and approved by Council. Chairperson of the Council Date Document Version Control Name Status Version

More information

Guidance on data security breach management

Guidance on data security breach management Guidance on data security breach management Organisations which process personal data must take appropriate measures against unauthorised or unlawful processing and against accidental loss, destruction

More information

Information Security Policy

Information Security Policy Information Security Policy Author: Responsible Lead Executive Director: Endorsing Body: Governance or Assurance Committee Alan Ashforth Alan Lawrie ehealth Strategy Group Implementation Date: September

More information

WEST SOMERSET COLLEGE CONTINGENCY & BUSINESS CONTINUITY PLAN

WEST SOMERSET COLLEGE CONTINGENCY & BUSINESS CONTINUITY PLAN WEST SOMERSET COLLEGE CONTINGENCY & BUSINESS CONTINUITY PLAN is committed to safeguarding and promoting the welfare of children and young people and expects all staff and volunteers to share this commitment.

More information