This policy is not designed to use systems backup for the following purposes:

Size: px
Start display at page:

Download "This policy is not designed to use systems backup for the following purposes:"

Transcription

1 Number: AC IT POL 003 Subject: Backup and Restore Policy 1. PURPOSE The backup and restore policy establishes the need and rules for performing periodic system backup to permit timely restoration of Africa Centre information assets in the case of system malfunction, accidental deletion, intentional destruction or natural disaster. This policy is not designed to use systems backup for the following purposes: 2. SCOPE To archive data for future reference To maintain a versioned history of data This policy applies to all information assets stored on servers owned, leased, operated or maintained by the Africa Centre. 3. POLICY 3.1. Persons in charge Each data backup process should have at least one primary person in charge and one substitute Data backup is a critical security measure thus the relevant persons in charge should be committed in writing to adherence to this backup policies The person in charge will be responsible for the development and implementation of the backup procedures on per server basis as defined in section 7.1 in accordance with the best practices described in section 3.2 to section Frequency Differential backups will be performed daily Differential backups will be saved for a full week A full systems backup will be performed weekly Weekly backups will be saved for a full month. Page 1 of 6

2 The last weekly backup of the month will be marked as a monthly backup Monthly backups will be saved for 4 months Storage, access and security Legible, unique labels shall be placed on all backup media Daily incremental backup shall be stored in an adjacent building in a fireproof safe Monthly backup shall be stored in a secure location at least 10 km away from the server room Proper environment controls, temperature, humidity, fire protection and low level of electro magnetic radiation shall be maintained at the storage location During transport or changes of media, media shall not be left unattended Read only access to backup data is restricted to the persons in charge who have responsibility for recovering the data. Write access is granted only to the batch job creating the copy Backup verification The backup software should capture a list of all files and directories encountered and saved to tape. Logs should contain information about successful backups, tapes that were left in place accidentally and overwritten, when and where the tapes were sent offsite, the success or failure of restore tests and bad tapes encountered which may affect the ability to obtain files from previous backup On a daily basis, logged information generated from each backup job will be sent by to data custodians and persons in charge and reviewed for the following purposes: To check for and correct errors To monitor duration of the backup job To optimize backup performance 3.5. Testing The ability to restore data from backups shall be tested at least quarterly It must at least once be proven that complete data restoration is possible (e.g. all data contained in a server must be installed on an alternative server using substitute reading equipment to the data backup writing equipment). This ensures reliable testing as to whether: Data restoration is possible The data backup procedure is practicable. Page 2 of 6

3 There is sufficient documentation of the data backup, thus allowing a substitute to carry out the data restoration if necessary The time required for the data restoration meets the availability requirements The person in charge must maintain records demonstrating the review of logs and test restores so as to demonstrate compliance with this policy for auditing purposes Training All persons in charge of data backup should receive adequate training on the data backup process, data restoration process, media rotation, retention and storage Regular refresher, motivation campaigns and adherence checking on data backup must be conducted 3.7. Request for Restoration Users that need files restored must submit a request to the help desk with information about the file creation date, the name of the file, the last time it was changed, and the date and time it was deleted or destroyed Tape Drive Cleaning Tape drives shall be cleaned monthly The cleaning tape shall be changed when they reach the maximum number of cleanings as per manufacturer recommendation Retirement and Disposal of Media The date each tape was put into service shall be recorded on the tape Tapes that have been used longer than two years shall be discarded and replaced with new tapes Prior to tape retirement or reuse for other purpose, the person in charge will ensure the following: The media no longer contains active backup images or that any active backup images have been copied to other media The media s current or former contents can not be read or recovered by an unauthorized party Prior to tape disposal, the person in charge will ensure the physical destruction of the media. Page 3 of 6

4 4. REFERENCES N/A 5. DEFINITIONS/ABBREVIATIONS 5.1. Backup: To back up data is to copy them to another medium so that, if the active data are lost, they can be recovered in a recent if not completely current version. Backup is primarily intended for disaster recovery, and the assumption is that in most cases the backed up data will not be read Archive: To archive data is to move them to another medium for long term storage. Archive is intended for the storage of data that do not need to be kept immediately accessible, but which may possibly be needed at some point in the future Restore: The process of bringing off line storage data back from the offline media and putting it on an online storage system such as a file server Full data backup: With this procedure, all data requiring backup are stored on an additional data medium without consideration as to whether the files have been changed since the last backup. For this reason, full data backup requires a high storage capacity. Its advantage is the simple and quick restoration of data due to the fact that only the relevant files need to be extracted from the last full data backup. If full data backups are carried out infrequently, extensive changes to a file can result in major updating requirements 5.5. Incremental data backup: In contrast to full data backup, this procedure simply stores the files which have been changed since the last (incremental or full) backup. This saves storage capacity and shortens the time required for the data backup. The restoration time for data is generally high, as the relevant files must be extracted from backups made at different stages. Incremental data backups are always based on full data backups and should be interspersed periodically by full data backups. During restoration, the last full backup is taken as a basis which is then extended with the updates from subsequent, incremental backups Differential data backup: This procedure stores only the files that have been changed since the last full data backup. A differential backup requires more memory space than an incremental backup but the files can be restored quicker and easier. For restoration of data, the last full data backup will suffice as will the most recent differential backup. This is not the case with an incremental backup, since under some circumstances many data backups must be read one after the other. Page 4 of 6

5 6. APPENDICES 6.1. Backup procedures on a per server basis The person in charge will document and implement backup procedures on a per server basis that define: 1. Influential factors o Specifying the data to be backed up o Data availability requirements o Effort required for data reconstruction without data backup o Data volumes o Modification volumes o Modification times o Deadlines o Confidentiality requirements o Integrity requirements o Knowledge and data processing competence of users 2. Data backup a. Specifications for each backup type Type of data backup Frequency and times of data backup Number of generations Tape identification Responsibility for data backup Storage location for backup copies Reconstruction times for the existing data backup system b. Determining procedures of data restoration by type c. Identify operational reading device Sign-off by Africa Centre data custodians and data owners DOCUMENT CONTROL Document Information Document Title Backup and Restore Policy Version 1.2 Page 5 of 6

6 Status Approved First Issued Maintained by Head of IT Revision History Version Date Details Page 6 of 6

IT Data Backup Policy

IT Data Backup Policy IT Data Backup Policy TABLE OF CONTENTS 1. Purpose and Intention of the Policy... 2 2. Definitions of concepts... 2 3. Legislative Authority... 2 4. Scope... 3 5. responsibilty... 3 6. Frequency of data

More information

UMHLABUYALINGANA MUNICIPALITY

UMHLABUYALINGANA MUNICIPALITY UMHLABUYALINGANA MUNICIPALITY BACKUP AND RESTORE POLICY Backup and Restore Policy Approval and Version Control Approval Process: Position or Meeting Number: Date: Originator Recommended by Director of

More information

BACKUP POLICY Date: 04/12/2009

BACKUP POLICY Date: 04/12/2009 BACKUP POLICY Date: 04/12/2009 Approvals Head of Department Signature Date Municipal Manager Signature. Date Divisional Manager: Information Management Signature.. Date.. Table contents Heading Page Overview

More information

Education and Workforce Development Cabinet POLICY/PROCEDURE. Policy Number: EDU-06 Effective Date: April 15, 2006 Revision Date: December 20, 2012

Education and Workforce Development Cabinet POLICY/PROCEDURE. Policy Number: EDU-06 Effective Date: April 15, 2006 Revision Date: December 20, 2012 Education and Workforce Development Cabinet POLICY/PROCEDURE Policy Number: EDU-06 Effective Date: April 15, 2006 Revision Date: December 20, 2012 Subject: Backup Procedures Tower and Server Farms Policy:

More information

15 Organisation/ICT/02/01/15 Back- up

15 Organisation/ICT/02/01/15 Back- up 15 Organisation/ICT/02/01/15 Back- up 15.1 Description Backup is a copy of a program or file that is stored separately from the original. These duplicated copies of data on different storage media or additional

More information

IT BACKUP POLICY. This Policy applies to all University electronic data stored on all IT-managed applications and systems.

IT BACKUP POLICY. This Policy applies to all University electronic data stored on all IT-managed applications and systems. IT BACKUP POLICY PURPOSE Brock University requires its data and systems to be backed up and the backup media (both tape and disk) be stored in a secure manner. This Policy aims to protect data and systems

More information

CHAPTER 9 System Backup and Restoration, Disk Cloning

CHAPTER 9 System Backup and Restoration, Disk Cloning CHAPTER 9 System Backup and Restoration, Disk Cloning Learning Objectives After completing this lesson, you should be able to: i. Explain the method of doing data backup and restoration. ii. Describe the

More information

Maruleng Local Municipality BACKUP POLICY

Maruleng Local Municipality BACKUP POLICY Maruleng Local Municipality BACKUP POLICY Version control Version Date Author(s) Details 1.1 23/03/2012 Masilo Modiba New policy BACKUP POLICY 2 Table contents 1. Introduction 2. Scope 3. Definitions 4.

More information

Backup Policy (ITP004) Information Technology Services Department

Backup Policy (ITP004) Information Technology Services Department Introduction This policy defines the backup guidelines for systems within the Central Dauphin School District. These systems are typically servers, Storage Area Network devices (SAN), or Network-Attached

More information

HOW TO CREATE A VITAL RECORDS PROTECTION PLAN. New York State Unified Court System Division of Court Operations Office of Records Management

HOW TO CREATE A VITAL RECORDS PROTECTION PLAN. New York State Unified Court System Division of Court Operations Office of Records Management HOW TO CREATE A VITAL RECORDS PROTECTION PLAN New York State Unified Court System Division of Court Operations Office of Records Management June 2003 TABLE OF CONTENTS Purpose of a Vital Records Protection

More information

Idaho Judicial Branch Scanning and Imaging Guidelines DRAFT - October 25, 2013

Idaho Judicial Branch Scanning and Imaging Guidelines DRAFT - October 25, 2013 Idaho Judicial Branch Scanning and Imaging Guidelines DRAFT - October 25, 2013 A. Introduction Many of Idaho s courts have considered or implemented the use of digital imaging systems to scan court documents

More information

Mille Lacs County Data Services - Backup Policy

Mille Lacs County Data Services - Backup Policy Mille Lacs County Data Services - Backup Policy Produced by: Information Services Date: April, 2010 Version: 1.3 Document status: Active Date effective from: 5/18/2010 Date of review: Author: Michael Virnig

More information

INFORMATION GOVERNANCE POLICY: DATA BACKUP, RESTORE & FILE STORAGE HANDLING

INFORMATION GOVERNANCE POLICY: DATA BACKUP, RESTORE & FILE STORAGE HANDLING INFORMATION GOVERNANCE POLICY: DATA BACKUP, RESTORE & FILE STORAGE HANDLING Original Approved by: Policy and Procedure Ratification Sub-group on 23 October 2007 Version 2.2 Approved by : Information Governance

More information

San Francisco Chapter. Information Systems Operations

San Francisco Chapter. Information Systems Operations Information Systems Operations Overview Operations as a part of General Computer Controls Key Areas of focus within Information Systems Operations Key operational risks Controls generally associated with

More information

Auditing in an Automated Environment: Appendix C: Computer Operations

Auditing in an Automated Environment: Appendix C: Computer Operations Agency Prepared By Initials Date Reviewed By Audit Program - Computer Operations W/P Ref Page 1 of 1 Procedures Initials Date Reference/Comments OBJECTIVE - To document the review of the computer operations

More information

Harbinger Escrow Services Backup and Archiving Policy. Document version: 2.8. Harbinger Group Pty Limited Delivered on: 18 March 2008

Harbinger Escrow Services Backup and Archiving Policy. Document version: 2.8. Harbinger Group Pty Limited Delivered on: 18 March 2008 Document version: 2.8 Issued to: Harbinger Escrow Services Issued by: Harbinger Group Pty Limited Delivered on: 18 March 2008 Harbinger Group Pty Limited, Commercial in Confidence Table of Contents 1 Introduction...

More information

About Backing Up a Cisco Unity System

About Backing Up a Cisco Unity System CHAPTER 4 Introduction This chapter describes in general terms backing up a Cisco Unity system. When you back up a Cisco Unity server (and one or more Exchange servers) you need to consider the same issues

More information

Version: 1.5 2014 Page 1 of 5

Version: 1.5 2014 Page 1 of 5 Version: 1.5 2014 Page 1 of 5 1.0 Overview A backup policy is similar to an insurance policy it provides the last line of defense against data loss and is sometimes the only way to recover from a hardware

More information

Volume UC DAVIS HEALTH SYSTEM. HIPAA Security Compliance Workbook. Multi User Guide

Volume UC DAVIS HEALTH SYSTEM. HIPAA Security Compliance Workbook. Multi User Guide Volume 1 UC DAVIS HEALTH SYSTEM HIPAA Security Compliance Workbook Multi User Guide UC DAVIS HEALTH SYSTEM HIPAA Security Compliance Workbook Guide Table of Contents Introduction General Instructions SECTION

More information

Document Management Plan Preparation Guidelines

Document Management Plan Preparation Guidelines Document Management Plan Preparation Guidelines TABLE OF CONTENTS 1. Purpose of Document 1 2. Definition of Document Management 1 3. Objectives of Document Management 1 4. Terms, Acronyms and Abbreviations

More information

BACK UP POLICY Page 1 of 7 BACK UP POLICY

BACK UP POLICY Page 1 of 7 BACK UP POLICY BACK UP POLICY Page 1 of 7 BACK UP POLICY TABLE OF CONTENT 1. INTRODUCTION... 2 2. DEFINITIONS... 3 3. SCOPE... 3 4. TIMINGS... 4 5. DATA BACKED UP... 4 6. EXCLUDED EXTENSIONS... 4 7. PROCEDURES... 5 8.

More information

Administrators Guide Multi User Systems. Calendar Year

Administrators Guide Multi User Systems. Calendar Year Calendar Year 2012 Enter Facility Name Here HIPAA Security Compliance Workbook For Core Measure 15 of Meaningful Use Requirements Annual Risk Analysis Administrators Guide Multi User Systems 1 HIPPA Compliance

More information

SUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)

SUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA) UNIVERSITY OF PITTSBURGH POLICY SUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA) DATE: March 18, 2005 I. SCOPE This

More information

ICT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY

ICT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY ICT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY Version 1.0 Ratified By Date Ratified Author(s) Responsible Committee / Officers Issue Date Review Date Intended Audience Impact Assessed CCG Committee

More information

CENTER FOR NUCLEAR WASTE REGULATORY ANALYSES

CENTER FOR NUCLEAR WASTE REGULATORY ANALYSES Page 1 of 5 ELECTRONIC FILE ARCHIVAL AND BACKUP PROCEDURES EFFECTIVITY AND APPROVAL Revision 1 of this procedure became effective on July 6, 2004. This procedure consists of the pages and changes listed

More information

2.1 To define the backup strategy for systems and data within the Cape Winelands District Municipality (CWDM).

2.1 To define the backup strategy for systems and data within the Cape Winelands District Municipality (CWDM). BACKUP POLICY POLICY ADOPTED BY COUNCIL ON 25 APRIL 2012 AT ITEM C.14.3 POLICY AMENDED BY COUNCIL ON 24 APRIL 2014 AT ITEM C.14.1 Cape Winelands District Municipality Backup Policy 1. 1. INTRODUCTION Computer

More information

Records Management - Risk Assessment Tool

Records Management - Risk Assessment Tool Introduction This Risk Assessment Tool is designed to: - Provide business units with a quick reference to identify obvious risks to their records and recordkeeping systems - Assess additional risks within

More information

IT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY

IT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY IT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY Version 3.0 Ratified By Date Ratified April 2013 Author(s) Responsible Committee / Officers Issue Date January 2014 Review Date Intended Audience Impact

More information

Exhibit to Data Center Services Service Component Provider Master Services Agreement

Exhibit to Data Center Services Service Component Provider Master Services Agreement Exhibit to Data Center Services Service Component Provider Master Services Agreement DIR Contract No. DIR-DCS-SCP-MSA-002 Between The State of Texas, acting by and through the Texas Department of Information

More information

IT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY (for Cheshire CCGs)

IT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY (for Cheshire CCGs) IT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY (for Cheshire CCGs) Version 3.2 Ratified By Date Ratified November 2014 Author(s) Responsible Committee / Officers Issue Date November 2014 Review Date

More information

THE BASIC BACKUP GUIDE TAPE BACKUP STRATEGIES FOR THE SMALL-TO-MEDIUM BUSINESS

THE BASIC BACKUP GUIDE TAPE BACKUP STRATEGIES FOR THE SMALL-TO-MEDIUM BUSINESS THE BASIC BACKUP GUIDE TAPE BACKUP STRATEGIES FOR THE SMALL-TO-MEDIUM BUSINESS 1010370-001 ii Contents About This Guide.................. v Why tape is ideal for backup... v automation - now available

More information

BACKUP SECURITY GUIDELINE

BACKUP SECURITY GUIDELINE Section: Information Security Revised: December 2004 Guideline: Description: Backup Security Guidelines: are recommended processes, models, or actions to assist with implementing procedures with respect

More information

Version 1.0. Ratified By

Version 1.0. Ratified By ICT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY Version 1.0 Ratified By Date Ratified 5 th March 2013 Author(s) Responsible Committee / Officers Issue Date 5 th March 2013 Review Date Intended Audience

More information

Union County. Electronic Records and Document Imaging Policy

Union County. Electronic Records and Document Imaging Policy Union County Electronic Records and Document Imaging Policy Adopted by the Union County Board of Commissioners December 2, 2013 1 Table of Contents 1. Purpose... 3 2. Responsible Parties... 3 3. Availability

More information

ICT Policy. Executive Summary. Date of ratification Executive Team Committee 22nd October 2013. Document Author(s) Collette McQueen

ICT Policy. Executive Summary. Date of ratification Executive Team Committee 22nd October 2013. Document Author(s) Collette McQueen ICT Policy THCCGIT20 Version: 01 Executive Summary This document defines the Network Infrastructure and File Server Security Policy for Tower Hamlets Clinical Commissioning Group (CCG). The Network Infrastructure

More information

SOUTHWEST VIRGINIA COMMUNITY COLLEGE RECORDS MANAGEMENT POLICY

SOUTHWEST VIRGINIA COMMUNITY COLLEGE RECORDS MANAGEMENT POLICY SOUTHWEST VIRGINIA COMMUNITY COLLEGE RECORDS MANAGEMENT POLICY Statement of Intent This policy establishes the general responsibilities for management, retention, and disposition of SOUTHWEST VIRGINIA

More information

Backup Policy. Document Title: No. Pages 5. Document Type: Policy. Scope: OCIO, Operations Branch

Backup Policy. Document Title: No. Pages 5. Document Type: Policy. Scope: OCIO, Operations Branch Document Title: Backup Policy Document Type: Policy No. Pages 5 Scope: OCIO, Operations Branch Trim Number: DOC02866/2007 Revision: 3 Treasury Board Approval: TBM 2007-300 Date Implemented: 2011/03/08

More information

Corporate ICT Availability

Corporate ICT Availability Policy Corporate ICT Availability Please note this policy is mandatory and staff are required to adhere to the content Summary DECD ICT facilities and information must be available during agreed operational

More information

CMS Operational Policy for Disk Space Storage Management

CMS Operational Policy for Disk Space Storage Management Chief Information Officer Office of Information Services Centers for Medicare & Medicaid Services CMS Operational Policy for Disk Space Storage Management August 2004 Document Number: CMS-CIO-POL-INF02-01

More information

Gatekeeper PKI Framework. February 2009. Registration Authority Operations Manual Review Criteria

Gatekeeper PKI Framework. February 2009. Registration Authority Operations Manual Review Criteria Gatekeeper PKI Framework ISBN 1 921182 24 5 Department of Finance and Deregulation Australian Government Information Management Office Commonwealth of Australia 2009 This work is copyright. Apart from

More information

Our Kids Information Technology Department IT Backup and Restore Procedure

Our Kids Information Technology Department IT Backup and Restore Procedure 1 of 7 Our Kids Information Technology Department IT Backup and Restore Procedure I. Policy/Purpose: This Policy describes Our Kids of Miami-Dade/Monroe, Inc. (Our Kids) Information Technology (IT) Department

More information

POLICY AND GUIDELINES FOR THE MANAGEMENT OF ELECTRONIC RECORDS INCLUDING ELECTRONIC MAIL (E-MAIL) SYSTEMS

POLICY AND GUIDELINES FOR THE MANAGEMENT OF ELECTRONIC RECORDS INCLUDING ELECTRONIC MAIL (E-MAIL) SYSTEMS POLICY AND GUIDELINES FOR THE MANAGEMENT OF ELECTRONIC RECORDS INCLUDING ELECTRONIC MAIL (E-MAIL) SYSTEMS 1. Purpose Establish and clarify a records management policy for municipal officers with respect

More information

City of Lawrence Administrative Policy

City of Lawrence Administrative Policy City of Lawrence Administrative Policy SUBJECT Server Backup Policy APPLIES TO Departments supported by Information Systems EFFECTIVE DATE September 1, 2009 REVISED DATE APPROVED BY City Manager TOTAL

More information

Risk Mitigation Considerations for Backup and Restoration Processes

Risk Mitigation Considerations for Backup and Restoration Processes Risk Mitigation Considerations for Backup and Restoration Processes Author: George Spafford Updated May 25, 2006 v1.0d 1 Copyright This document is the copyright of George Spafford 2006. Commercial sale

More information

PART 10 COMPUTER SYSTEMS

PART 10 COMPUTER SYSTEMS PART 10 COMPUTER SYSTEMS 10-1 PART 10 COMPUTER SYSTEMS The following is a general outline of steps to follow when contemplating the purchase of data processing hardware and/or software. The State Board

More information

BACKUP STRATEGY AND DISASTER RECOVERY POLICY STATEMENT

BACKUP STRATEGY AND DISASTER RECOVERY POLICY STATEMENT TADCASTER GRAMMAR SCHOOL Toulston, Tadcaster, North Yorkshire. LS24 9NB BACKUP STRATEGY AND DISASTER RECOVERY POLICY STATEMENT Written by Steve South November 2003 Discussed with ICT Strategy Group January

More information

BACKUP AND CONTIGENCY PLANS (DISASTER RECOVERY)

BACKUP AND CONTIGENCY PLANS (DISASTER RECOVERY) BACKUP AND CONTIGENCY PLANS (DISASTER RECOVERY) PURPOSE The purpose of this policy is to describe the backup and contingency plans, including disaster recovery planning, that will be implemented to ensure

More information

6. FINDINGS AND SUGGESTIONS

6. FINDINGS AND SUGGESTIONS 6. FINDINGS AND SUGGESTIONS 6.1 Introduction: The advancements in ICT and their proper utilization by research and academic librarians are not only strengthening the capabilities of libraries but also

More information

White Paper: Librestream Security Overview

White Paper: Librestream Security Overview White Paper: Librestream Security Overview TABLE OF CONTENTS 1 SECURITY OVERVIEW... 3 2 USE OF SECURE DATA CENTERS... 3 3 SECURITY MONITORING, INTERNAL TESTING AND ASSESSMENTS... 4 3.1 Penetration Testing

More information

Volume UC DAVIS HEALTH SYSTEM. HIPAA Security Compliance Workbook. Single - User Guide

Volume UC DAVIS HEALTH SYSTEM. HIPAA Security Compliance Workbook. Single - User Guide Volume 1 UC DAVIS HEALTH SYSTEM HIPAA Security Compliance Workbook Single - User Guide UC DAVIS HEALTH SYSTEM HIPAA Security Compliance Workbook Guide 1 Table of Contents Introduction General Instructions

More information

ISO IEC 27002 2005 (17799 2005) INFORMATION SECURITY AUDIT TOOL

ISO IEC 27002 2005 (17799 2005) INFORMATION SECURITY AUDIT TOOL 9.1 USE SECURITY AREAS TO PROTECT FACILITIES 1 GOAL Do you use physical methods to prevent unauthorized access to your organization s information and premises? 2 GOAL Do you use physical methods to prevent

More information

Network Security Policy

Network Security Policy IGMT/15/036 Network Security Policy Date Approved: 24/02/15 Approved by: HSB Date of review: 20/02/16 Policy Ref: TSM.POL-07-12-0100 Issue: 2 Division/Department: Nottinghamshire Health Informatics Service

More information

HIPAA Security Matrix

HIPAA Security Matrix HIPAA Matrix Hardware : 164.308(a)(1) Management Process =Required, =Addressable Risk Analysis The Covered Entity (CE) can store its Risk Analysis document encrypted and offsite using EVault managed software

More information

NOT PROTECTIVELY MARKED FORCE PROCEDURES. Email Retention, Archiving and Destruction Procedure v1.2. Records Manager

NOT PROTECTIVELY MARKED FORCE PROCEDURES. Email Retention, Archiving and Destruction Procedure v1.2. Records Manager FORCE PROCEDURES Email Retention, Archiving and Destruction Procedure v1.2 Procedure Reference Number: 2010.08 Procedure Author: Samantha Hampson, Records Manager Procedure Review Date: 1 st April 2011

More information

Review of Document Imaging Railroad Unemployment Insurance Act Programs Report No. 01-01, November 17, 2000

Review of Document Imaging Railroad Unemployment Insurance Act Programs Report No. 01-01, November 17, 2000 Review of Document Imaging Railroad Unemployment Insurance Act Programs Report No. 01-01, November 17, 2000 This report represents the results of the Office of Inspector General s (OIG) review of the Railroad

More information

Identify and Protect Your Vital Records

Identify and Protect Your Vital Records Identify and Protect Your Vital Records INTRODUCTION The Federal Emergency Management Agency s Federal Preparedness Circular 65 states The protection and ready availability of electronic and hardcopy documents,

More information

Information Security Policy September 2009 Newman University IT Services. Information Security Policy

Information Security Policy September 2009 Newman University IT Services. Information Security Policy Contents 1. Statement 1.1 Introduction 1.2 Objectives 1.3 Scope and Policy Structure 1.4 Risk Assessment and Management 1.5 Responsibilities for Information Security 2. Compliance 3. HR Security 3.1 Terms

More information

HIPAA Security Rule Safeguards Recommended Standards Developed by: USF HIPAA Security Team May 12, 2005

HIPAA Security Rule Safeguards Recommended Standards Developed by: USF HIPAA Security Team May 12, 2005 INTRODUCTION HIPAA Security Rule Safeguards Recommended Standards Developed by: USF HIPAA Security Team May 12, 2005 The Health Insurance Portability and Accountability Act (HIPAA) Security Rule, as a

More information

ACS Backup and Restore

ACS Backup and Restore Table of Contents Implementing a Backup Plan 3 What Should I Back Up? 4 Storing Data Backups 5 Backup Media 5 Off-Site Storage 5 Strategies for Successful Backups 7 Daily Backup Set A and Daily Backup

More information

Backup. Contents. 1 Storage, the base of a backup system. 2 Selection, extraction and manipulation of data. 3 Managing the backup process.

Backup. Contents. 1 Storage, the base of a backup system. 2 Selection, extraction and manipulation of data. 3 Managing the backup process. Backup In information technology, a backup or the process of backing up refer to making copies of data so that these additional copies may be used to restore the original after a data loss event. These

More information

Rotherham CCG Network Security Policy V2.0

Rotherham CCG Network Security Policy V2.0 Title: Rotherham CCG Network Security Policy V2.0 Reference No: Owner: Author: Andrew Clayton - Head of IT Robin Carlisle Deputy - Chief Officer D Stowe ICT Security Manager First Issued On: 17 th October

More information

REVENUE REGULATIONS NO. 9-2009 issued on December 29, 2009 defines the requirements, obligations and responsibilities imposed on taxpayers for the

REVENUE REGULATIONS NO. 9-2009 issued on December 29, 2009 defines the requirements, obligations and responsibilities imposed on taxpayers for the REVENUE REGULATIONS NO. 9-2009 issued on December 29, 2009 defines the requirements, obligations and responsibilities imposed on taxpayers for the maintenance, retention and submission of electronic records.

More information

COMMERCIALISM INTEGRITY STEWARDSHIP. Back-up Policy & Guidance

COMMERCIALISM INTEGRITY STEWARDSHIP. Back-up Policy & Guidance Back-up Policy & Guidance Document Control Document Details Author Adrian Last Company Name The Crown Estate Division Name Information Services Document Name Back Up Policy Version Date 10/10/12 Effective

More information

Does it state the management commitment and set out the organizational approach to managing information security?

Does it state the management commitment and set out the organizational approach to managing information security? Risk Assessment Check List Information Security Policy 1. Information security policy document Does an Information security policy exist, which is approved by the management, published and communicated

More information

A backup is a copy of your files that will be able to reproduce the original, if it is lost, damaged or stolen.

A backup is a copy of your files that will be able to reproduce the original, if it is lost, damaged or stolen. Backup Strategy Backup strategy A backup is a copy of your files that will be able to reproduce the original, if it is lost, damaged or stolen. Two or even three backups can be made. Backups should be

More information

ICT Data Backup and Recovery Policy

ICT Data Backup and Recovery Policy ICT Data Backup and Recovery Policy TABLE OF CONTENTS 1. INTRODUCTION... 3 2. LEGISLATIVE FRAMEWORK... 3 3. OBJECTIVE OF THE POLICY... 4 4. AIMS OF THE POLICY... 4 5. SCOPE... 4 6. BREACH OF POLICY...

More information

The Case for Continuous Data Protection

The Case for Continuous Data Protection The Case for Continuous Data Protection This paper will discuss the benefits of using CDP-based solutions, particularly in place of traditional, tape-based backup products that currently dominate the SMB

More information

Supplier Security Assessment Questionnaire

Supplier Security Assessment Questionnaire HALKYN CONSULTING LTD Supplier Security Assessment Questionnaire Security Self-Assessment and Reporting This questionnaire is provided to assist organisations in conducting supplier security assessments.

More information

Local Government Cyber Security:

Local Government Cyber Security: Local Government Cyber Security: Guidelines for Backing Up Information A Non-Technical Guide Essential for Elected Officials Administrative Officials Business Managers Multi-State Information Sharing and

More information

SOUTH LAKELAND DISTRICT COUNCIL INTERNAL AUDIT FINAL REPORT IT 11-02. IT Backup, Recovery and Disaster Recovery Planning

SOUTH LAKELAND DISTRICT COUNCIL INTERNAL AUDIT FINAL REPORT IT 11-02. IT Backup, Recovery and Disaster Recovery Planning SOUTH LAKELAND DISTRICT COUNCIL INTERNAL AUDIT FINAL REPORT IT 11-02 IT Backup, Recovery and Disaster Recovery Planning Executive Summary Introduction As part of the 2011/12 Audit Plan and following discussions

More information

CITY UNIVERSITY OF HONG KONG. Information Classification and

CITY UNIVERSITY OF HONG KONG. Information Classification and CITY UNIVERSITY OF HONG KONG Handling Standard (Approved by the Information Strategy and Governance Committee in December 2013) PUBLIC Date of Issue: 2013-12-24 Document Control Document Owner Classification

More information

IMPLEMENTATION OF AN ELECTRONIC DOCUMENT MANAGEMENT SYSTEM

IMPLEMENTATION OF AN ELECTRONIC DOCUMENT MANAGEMENT SYSTEM IMPLEMENTATION OF AN ELECTRONIC DOCUMENT MANAGEMENT SYSTEM TECHNICAL SPECIFICATIONS FOR AGENCIES AND BROKERS ACTING ON THEIR ACCOUNT DATA PRESERVATION EXPLANATORY NOTES : The preservation of information

More information

Application Development within University. Security Checklist

Application Development within University. Security Checklist Application Development within University Security Checklist April 2011 The Application Development using data from the University Enterprise Systems or application Development for departmental use security

More information

REMOTE BACKUP-WHY SO VITAL?

REMOTE BACKUP-WHY SO VITAL? REMOTE BACKUP-WHY SO VITAL? Any time your company s data or applications become unavailable due to system failure or other disaster, this can quickly translate into lost revenue for your business. Remote

More information

Understanding Unmetered Managed Backup

Understanding Unmetered Managed Backup Understanding Unmetered Managed Backup Rackspace maintains one of the industry's most highly successful backup operations and infrastructures in the world. Because we are a hosting provider, Rackspace

More information

MapGuide Open Source Repository Management Back up, restore, and recover your resource repository.

MapGuide Open Source Repository Management Back up, restore, and recover your resource repository. MapGuide Open Source Repository Management Back up, restore, and recover your resource repository. Page 1 of 5 Table of Contents 1. Introduction...3 2. Supporting Utility...3 3. Backup...4 3.1 Offline

More information

WHAT S THE DIFFERENCE? JENNIFER RICKER DIGITAL COLLECTIONS MANAGER STATE LIBRARY OF NORTH CAROLINA

WHAT S THE DIFFERENCE? JENNIFER RICKER DIGITAL COLLECTIONS MANAGER STATE LIBRARY OF NORTH CAROLINA Archival Storage vs. Data Backup WHAT S THE DIFFERENCE? JENNIFER RICKER DIGITAL COLLECTIONS MANAGER STATE LIBRARY OF NORTH CAROLINA Overview Why store at all? What IS the difference? General differences

More information

Scanning and Tossing. Requirements for Scanning and the Destruction of Paper Based Records

Scanning and Tossing. Requirements for Scanning and the Destruction of Paper Based Records Scanning and Tossing Requirements for Scanning and the Destruction of Paper Based Records Overview I want to go paperless! Can I scan and toss? What are the rules and requirements about imaging? What are

More information

ITIL A guide to service asset and configuration management

ITIL A guide to service asset and configuration management ITIL A guide to service asset and configuration management The goal of service asset and configuration management The goals of configuration management are to: Support many of the ITIL processes by providing

More information

CHAPTER 11 COMPUTER SYSTEMS INFORMATION TECHNOLOGY SERVICES CONTROLS

CHAPTER 11 COMPUTER SYSTEMS INFORMATION TECHNOLOGY SERVICES CONTROLS 11-1 CHAPTER 11 COMPUTER SYSTEMS INFORMATION TECHNOLOGY SERVICES CONTROLS INTRODUCTION The State Board of Accounts, in accordance with State statutes and the Statements on Auditing Standards Numbers 78

More information

DO NOT ASSUME THAT THE BACKUP IS CORRECT. MAKE SURE IT IS.

DO NOT ASSUME THAT THE BACKUP IS CORRECT. MAKE SURE IT IS. BACKING UP DATABASES & ASSOCIATED FILES It is not the responsibility of Incisive Software Limited, or any agent appointed by us, to configure or ensure the reliability and validity of the backing up of

More information

FINAL May 2005. Guideline on Security Systems for Safeguarding Customer Information

FINAL May 2005. Guideline on Security Systems for Safeguarding Customer Information FINAL May 2005 Guideline on Security Systems for Safeguarding Customer Information Table of Contents 1 Introduction 1 1.1 Purpose of Guideline 1 2 Definitions 2 3 Internal Controls and Procedures 2 3.1

More information

Information Systems and Technology

Information Systems and Technology As public servants, it is our responsibility to use taxpayers dollars in the most effective and efficient way possible while adhering to laws and regulations governing those processes. There are many reasons

More information

ROADMAP TO DEFINE A BACKUP STRATEGY FOR SAP APPLICATIONS Helps you to analyze and define a robust backup strategy

ROADMAP TO DEFINE A BACKUP STRATEGY FOR SAP APPLICATIONS Helps you to analyze and define a robust backup strategy A BasisOnDemand.com White Paper ROADMAP TO DEFINE A BACKUP STRATEGY FOR SAP APPLICATIONS Helps you to analyze and define a robust backup strategy by Prakash Palani (Prakash.Palani@basisondemand.com) Table

More information

Hosted Exchange. Security Overview. Learn More: Call us at 877.634.2728. www.megapath.com

Hosted Exchange. Security Overview. Learn More: Call us at 877.634.2728. www.megapath.com Security Overview Learn More: Call us at 877.634.2728. www.megapath.com Secure and Reliable Hosted Exchange Our Hosted Exchange service is delivered across an advanced network infrastructure, built on

More information

Exhibit to Data Center Services Service Component Provider Master Services Agreement

Exhibit to Data Center Services Service Component Provider Master Services Agreement Exhibit to Data Center Services Service Component Provider Master Services Agreement DIR Contract No. DIR-DCS-SCP-MSA-002 Between The State of Texas, acting by and through the Texas Department of Information

More information

Multi-Terabyte Archives for Medical Imaging Applications

Multi-Terabyte Archives for Medical Imaging Applications Multi-Terabyte Archives for Medical Imaging Applications This paper describes how Windows servers running XenData Archive Series software provide an attractive solution for storing and retrieving multiple

More information

Cyber Security: Guidelines for Backing Up Information. A Non-Technical Guide

Cyber Security: Guidelines for Backing Up Information. A Non-Technical Guide Cyber Security: Guidelines for Backing Up Information A Non-Technical Guide Essential for Executives, Business Managers Administrative & Operations Managers This appendix is a supplement to the Cyber Security:

More information

DELAWARE PUBLIC ARCHIVES POLICY STATEMENT AND GUIDELINES MODEL GUIDELINES FOR ELECTRONIC RECORDS

DELAWARE PUBLIC ARCHIVES POLICY STATEMENT AND GUIDELINES MODEL GUIDELINES FOR ELECTRONIC RECORDS DELAWARE PUBLIC ARCHIVES POLICY STATEMENT AND GUIDELINES MODEL GUIDELINES FOR ELECTRONIC RECORDS STATEMENT OF PURPOSE The Delaware Public Archives (DPA) has issued "Model Guidelines for Electronic Records"

More information

Supplier IT Security Guide

Supplier IT Security Guide Revision Date: 28 November 2012 TABLE OF CONTENT 1. INTRODUCTION... 3 2. PURPOSE... 3 3. GENERAL ACCESS REQUIREMENTS... 3 4. SECURITY RULES FOR SUPPLIER WORKPLACES AT AN INFINEON LOCATION... 3 5. DATA

More information

Disaster Recovery. Stanley Lopez Premier Field Engineer Premier Field Engineering Southeast Asia Customer Services and Support

Disaster Recovery. Stanley Lopez Premier Field Engineer Premier Field Engineering Southeast Asia Customer Services and Support Disaster Recovery Stanley Lopez Premier Field Engineer Premier Field Engineering Southeast Asia Customer Services and Support Categories of Risk Financial Operational Reputational Market share Revenue

More information

NETWORK SERVICES WITH SOME CREDIT UNIONS PROCESSING 800,000 TRANSACTIONS ANNUALLY AND MOVING OVER 500 MILLION, SYSTEM UPTIME IS CRITICAL.

NETWORK SERVICES WITH SOME CREDIT UNIONS PROCESSING 800,000 TRANSACTIONS ANNUALLY AND MOVING OVER 500 MILLION, SYSTEM UPTIME IS CRITICAL. NETWORK SERVICES WITH SOME CREDIT UNIONS PROCESSING 800,000 TRANSACTIONS ANNUALLY AND MOVING OVER 500 MILLION, SYSTEM UPTIME IS CRITICAL. Your Credit Union information is irreplaceable. Data loss can result

More information

Email Retention 7/11/2014 1

Email Retention 7/11/2014 1 Email Retention 7/11/2014 1 What is an Email Retention Policy? What is an Electronic (Email/Instant Messaging) Communications Retention Policy? An electronic retention policy is list of parameters created

More information

2.2 INFORMATION SERVICES Documentation of computer services, computer system management, and computer network management.

2.2 INFORMATION SERVICES Documentation of computer services, computer system management, and computer network management. 3 Audit Trail Files Data generated during the creation of a master file or database, used to validate a master file or database during a processing cycle. GS 14020 Retain for 3 backup cycles Computer Run

More information

Information Technology General Controls Review (ITGC) Audit Program Prepared by:

Information Technology General Controls Review (ITGC) Audit Program Prepared by: Information Technology General Controls Review (ITGC) Audit Program Date Prepared: 2012 Internal Audit Work Plan Objective: IT General Controls (ITGC) address the overall operation and activities of the

More information

Mike Casey Director of IT

Mike Casey Director of IT Network Security Developed in response to: Contributes to HCC Core Standard number: Type: Policy Register No: 09037 Status: Public IG Toolkit, Best Practice C7c Consulted With Post/Committee/Group Date

More information

Newcastle University Information Security Procedures Version 3

Newcastle University Information Security Procedures Version 3 Newcastle University Information Security Procedures Version 3 A Information Security Procedures 2 B Business Continuity 3 C Compliance 4 D Outsourcing and Third Party Access 5 E Personnel 6 F Operations

More information