1 MANAGEMENT AUDIT REPORT OF DISASTER RECOVERY PLAN DEPARTMENT OF FINANCE AND ADMINISTRATIVE SERVICES INFORMATION TECHNOLOGY SERVICES DIVISION REPORT NO City of Albuquerque Office of Internal Audit
2 MANAGEMENT AUDIT REPORT DISASTER RECOVERY PLAN DEPARTMENT OF FINANCE AND ADMINISTRATIVE SERVICES INFORMATION TECHNOLOGY SERVICES DIVISION REPORT NO TABLE OF CONTENTS Executive Summary PAGE NO. i Introduction 1 Audit Objectives 5 Scope 5 Methodology 6 Findings: 1. DFAS, ITSD Should Update DR Recovery Procedures To Include 6 Instructions For Recovering All Tier 1 Critical Utilities, Internal Services, and Applications. 2. DFAS, ITSD Should Ensure That All Tier 1 Systems Are Protected 7 From An Extended Electrical Outage. 3. DFAS, ITSD Should Develop An Emergency Purchasing Procedure 8 To Expedite Acquisition Of New Or Alternate Equipment When Required For a Class 1 Or Class 2 Recovery. 4. DFAS, ITSD Should Update Recovery Team Contact Information 9 On a Quarterly Basis And Update DR Plan Documentation. 5. DFAS, ITSD Should Periodically Test Emergency Management 11 Team Readiness Through Tabletop Exercises. 6. DFAS, ITSD Should Periodically Test Its Ability To Recover Tier 1 12 Servers, Applications, and Data From Backup Media. 7. DFAS, ITSD Should Annually Review and Update The DR Plan To 13 Ensure That Documentation Remains Current. Conclusion 14
3 Department of Finance and Administrative Services Information Technology Services Division Disaster Recovery Plan Report No Executive Summary The Office of Internal Audit (OIA) conducted a management audit of the Disaster Recovery (DR) Plan prepared by the Information Technology Services Division (ITSD), a division of the Department of Finance and Administrative Services (DFAS). The audit was included in the fiscal year (FY) 2013 approved audit plan. Having a current and reliable DR Plan is a necessity for all municipal governments. A welldesigned DR Plan is a tool for ensuring that required technology is available on an ongoing basis. Although a plan cannot anticipate all potential threats, DR planning provides a framework for managing the disruption through damage assessment and activation of recovery processes when the unexpected occurs. ITSD s current DR Plan was completed in February, This version of the plan was a complete re-write of previous DR plans and was based on City-wide critical IT needs. ITSD utilizes a layered approach to prevent data loss. For critical systems, the first line of defense is redundancy. Redundant systems located at hot sites provide failover capability. Secondary protection is provided through daily performance of backups to external media. The DR Plan is currently undergoing testing through a series of User Acceptance Tests (UATs). Each test is designed to test a specific recovery procedure. If any part of a test fails, the methodology calls for re-testing to ensure that recovery steps will be successful in an emergency. Does the Disaster Recovery Plan permit ITSD to sufficiently recover critical IT systems to allow City Departments to resume normal functions after a disruption? ITSD has not obtained step-by-step recovery procedures from three City departments describing services to be provided by ITSD in an emergency. The lack of detail may negatively impact recovery efforts or interrupt availability of critical services required by external departments. Two servers that support Tier 1 internal service priorities are located at the secondary hot site, which is limited to approximately 45 minutes of backup electricity if utility power is unavailable. Should an electrical outage exceeding 45 minutes occur, these servers would not be available for failover. A division-specific emergency purchasing procedure does not currently exist. Should a large dollar server or component require replacement, ITSD may not be able to acquire the required equipment in a timely fashion. i
4 Due to employee retirements, transfers and resignations, the DR Plan contact information was outdated at the time the audit began. In a disaster scenario, the lack of current contact information may delay the assembly of an appropriate recovery team. The maintenance interval for updating the DR Plan has not been formally established. Without ongoing DR plan updates, recovery of essential systems may be delayed or outdated recovery steps may be attempted. Have backup and recovery procedures been established and tested to ensure availability of data? ITSD does not currently perform formal tests of recovery from backup media. Should a disaster necessitate recovery from backup, restoration of critical services may be delayed beyond the 24- hour recovery time objective. Is the Disaster Recovery Plan tested regularly to ensure that key IT systems can be effectively recovered? Current DR Plan testing does not consider the unexpected. Without periodic drills, recovery personnel may lack preparation to quickly execute recovery procedures under unusual or unforeseen circumstances. Recommendations and management responses are included in the audit report. ii
5 City of Albuquerque Office of Internal Audit P.O. BOX 1293 ALBUQUERQUE, NEW MEXICO Accountability in Government Oversight Committee City of Albuquerque Albuquerque, New Mexico Audit: Management Audit Department of Finance & Administrative Services Information Technology Services Division Disaster Recovery Plan Audit No FINAL INTRODUCTION The Office of Internal Audit (OIA) conducted a management audit of the Disaster Recovery (DR) Plan prepared by the Information Technology Services Division (ITSD), a division of the Department of Finance and Administrative Services (DFAS). The audit was included in the fiscal year (FY) 2013 approved audit plan. Having a current and reliable DR Plan is a necessity for all municipal governments. A welldesigned DR Plan is a tool for ensuring that required technology is available on an ongoing basis. Although a plan cannot anticipate all potential threats, DR planning provides a framework for managing the disruption through damage assessment and activation of recovery processes when the unexpected occurs. Key terms utilized in this report: Business continuity plans (BCPs) Enterprise-wide sets of plans used by departmental units to respond to a disruption in order to recover standard business processes. Citywide BCPs are outside the scope of this audit. Business Impact Analysis (BIA) An enterprise-wide process utilized to determine an organization s most critical business processes and identify the underlying IT systems and applications needed to support such processes.
6 Page 2 CobiT An internationally accepted process framework for IT that provides a comprehensive IT governance, management, control, and assurance model. CobiT objectives support enterprises in the development, implementation, and continuous improvement and monitoring of good IT-related governance and management practices. Disaster Recovery Plan DR Plans are a subset of BCPs. These are the plans and procedures for recovering key information technology infrastructure critical to the organization, as determined by a BIA. Hot site A hot site is an offsite datacenter equipped with replicas of critical IT infrastructure. A hot site can take the place of the principal datacenter in the event of a disaster or disruption. Redundancy Replication of key IT components at a hot site, permitting fast recovery of critical IT infrastructure. Failover The ability to transfer a key IT service from the principal datacenter to a redundant system at a hot site. Failover may be executed automatically or manually by following a set of DR procedures. Backup Media Electronic copies of system, application software, and related databases which can be utilized to restore applications and databases in the event the originals are lost or destroyed. Tabletop exercise - A mock disaster exercise designed to test the IT function s knowledge of recovery plans and assess the ability of recovery teams to respond to a hypothetical disaster scenario or scenarios. Key documents evaluated in this audit: Disaster Recovery Plan, Tier 1 City of Albuquerque Critical Services, February 23, 2012 (Revision 1) This is ITSD s principal DR Plan document and the central focus of the audit. The document was developed by a contractor in fiscal year 2012 and supersedes previous DR plans developed by ITSD. The intention of the current plan is to address emergency responses to outages of IT infrastructure and services critical to City departments.
7 Page 3 Identification of critical IT functions was based on a lengthy process of interaction with City departments and divisions which resulted in a City-wide Business Impact Analysis (BIA). The goal of the BIA was to ensure that the new DR plan would be aligned with the critical IT needs of the City, as identified by the technology users. Based on analysis of the BIA, ITSD determined the top five critical service groups: Police, Fire, Transit, 311, and Animal Welfare. Identification of the top five service groups determined which Tier 1 critical services, internal services, and applications would be recovered first in a disaster scenario. The DR Plan is designed to recover critical service functions of the City. Based on the BIA, critical service functions were ranked into four tiers, with Tier 1 having the greatest criticality. Following recovery of Tier 1 utilities, internal services, and applications, Tiers 2 through 4 are recovered, in that order, if resources are available. The mission of the DR Plan is to determine the critical service functions of the City that have an IT component which is supported by the ITSD; develop a strategy to prioritize and recover the IT components of these critical functions; and finally, to develop a maintenance and validation process for the Disaster Recovery Plan. The DR Plan has three phases: 1. Planning and Project Initiation, 2. Develop DR Strategies, and 3. Establish maintenance and validation of the DR Plan. The first two phases were completed prior to commencement of this audit. The first phase included defining objectives, identifying critical functions of the City which have IT components supported by the ITSD, and compiling results into a BIA. Phase two focused on developing recovery procedures and gaining management approval of DR plan documents. The third phase relates to ongoing testing and validation of the plan, as well as updating the plan. The original contract called for preparation and delivery of the initial documents. Therefore, phase three is open-ended and calls for ITSD to implement this phase. Because phase three is still in process, the audit only evaluated progress to date. Some audit recommendations address future revisions of the DR plan. Other DR Plan Documentation There are several companion documents to the DR Plan, which serve as the roadmap for the Chief Information Officer or designee to follow during a disaster declaration. These
8 Page 4 documents outline operational and physical requirements of various disaster scenarios. These documents are intended to provide detailed procedures for recovering Tier 1 critical utilities, internal services, and applications as determined by the BIA. They also contain recovery instructions for some Tier 2 priorities, which would be recovered after restoring the Tier 1 priorities. Documentation includes initial procedures for the Disaster Assessment Team to assess the damage to the systems and notify personnel who will be recovering the systems. Damage assessment determines the type of recovery to be performed. The City has four recovery classes, which are outlined below: Class 1 Recovery Equipment is not functioning and must be recovered in an alternate location with new or alternate equipment. Class 2 Recovery Equipment is not functioning, but can be recovered in place with new or alternate equipment. Class 3 Recovery Equipment is functioning, but must be removed and installed in an alternate location. Class 4 Recovery Equipment is functioning and can remain in place. Once the type of recovery has been determined, appropriate recovery teams are assembled to activate the recovery procedures. The DR Plan is designed to simultaneously recover critical utilities, internal services, and applications. The plan can also be utilized to recover individual systems, services, or applications should there be an isolated disruption. For example, one set of recovery instructions for a Tier 2 application were activated during the fieldwork phase of the audit. On a November 2012 weekend, a hardware failure necessitated activating the plan to recover a Human Resources database in the City s Enterprise Resource Planning (ERP) system. The response by on-call ITSD personnel was a successful failover to the DR hot site with minimal downtime and no data loss. Temporary workarounds were devised and the DR server was utilized in place of the production server for approximately three weeks. This unplanned emergency underscores the importance of well-designed and documented recovery procedures for critical applications.
9 Page 5 AUDIT OBJECTIVES The objectives of the audit were to determine: Does the Disaster Recovery Plan permit ITSD to sufficiently recover critical IT systems to allow City Departments to resume normal functions after a disruption? Have backup and recovery procedures been established and tested to ensure availability of critical data? Is the Disaster Recovery Plan tested regularly to ensure that critical IT systems can be effectively recovered? SCOPE Our audit did not include an examination of all functions and activities related to the ITSD DR Plan. The scope of this audit was limited to review of DR Plan documents developed by ITSD. Documentation was assessed for conformance to practices established by Control Objectives for Information and related Technology (CobiT) and internally-established ITSD objectives and standards. This audit was not intended to be an assessment of City-wide business continuity plans, which are the responsibility of individual City departments. The scope included examination of preventive strategies, such as redundant power, replication of applications and data and provisioning of alternate sites, and an in-depth review of plan documents. The scope also included routine backup and recovery strategies employed by ITSD to ensure availability of data. This report and its conclusions are based on information taken from a sample of transactions and do not intend to represent an examination of all related transactions and activities. The audit report is based on our examination of activities through the completion of fieldwork, December 12, 2012, and does not reflect events or accounting entries after that date. Because phase three of the DR Plan is still in process, the audit only evaluated progress to date. Some audit recommendations address future revisions of the DR plan. We conducted this management audit in accordance with generally accepted government auditing standards. Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objectives. We believe that the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objectives.
10 Page 6 METHODOLOGY To achieve the audit objectives, several methodologies were utilized. included the following: The methodologies In-depth review of primary and secondary plan documents, including: o Disaster Recovery Plan, Tier 1 City of Albuquerque Critical Services, February 23, 2012 (Revision 1), o System-specific disaster recovery documents available to ITSD personnel, and o Run books, Test Readiness Reviews (TRRs), and plans used for testing individual plan components. Corroboration of documentary evidence through interviews with ITSD personnel, walkthroughs of ITSD facilities, and observations of actual recovery tests Review of on-site physical security at main datacenters and hot sites Physical inspection of datacenters to verify server locations denoted in recovery plans Testing of contact lists to verify current employment of recovery personnel and accuracy of contact information Review of backup job completion notices for two calendar weeks Observation of transport of backup media to offsite locations Datacenter walkthroughs to physically locate backup hardware and tape storage facilities FINDINGS The following findings concern areas that we believe could be improved by the implementation of the related recommendations. 1. DFAS, ITSD SHOULD UPDATE DR RECOVERY PROCEDURES TO INCLUDE INSTRUCTIONS FOR RECOVERING ALL TIER 1 CRITICAL UTILITIES, INTERNAL SERVICES, AND APPLICATIONS. ITSD has not obtained step-by-step recovery procedures from three City departments describing services to be provided by ITSD in an emergency. Principal support for some Tier 1 components is the responsibility of City departments with independent IT support organizations. ITSD is responsible for providing hot site support for these Tier 1 components. Servers and other equipment are in place at designated hot sites; however, the DR plan documentation does not clearly state failover procedures. The lack of detail may negatively
11 Page 7 impact recovery efforts or interrupt availability of critical services required by external departments. The DR Plan Mission Statement calls for ITSD to determine the critical service functions of the City that have an IT component which is supported by the ITSD and develop a strategy to prioritize and recover the IT components of these critical functions. RECOMMENDATION DFAS, ITSD should: Update the DR Plan documentation to include recovery instructions for all Tier 1 applications. Work with other City departments to obtain recovery steps for applications that failover to the main datacenter. Ensure that plan documentation contains current hardware requirements, physical locations of the underlying systems, and contact information for system administrators. RESPONSE FROM DFAS - ITSD ITSD is in the process of creating the recovery procedures for all tier 1 applications and will have the responsible department review and approve content. These will be in the next version of the DR Plan documentation. The current hardware requirements, physical locations of the underlying systems, and contact information for system administrators is being updated for the next DR Plan version and will be completed annually. ESTIMATED COMPLETION DATE April DFAS, ITSD SHOULD ENSURE THAT ALL TIER 1 SYSTEMS ARE PROTECTED FROM AN EXTENDED ELECTRICAL OUTAGE. Two servers that support Tier 1 internal service priorities are located at the secondary hot site, which is equipped with backup electricity from uninterruptible power supply (UPS) sources. The UPS units can provide approximately 45 minutes of electricity if utility power is
12 Page 8 unavailable. Other hot sites are supported by UPS power plus diesel generators, which can continue to provide electricity significantly beyond the capacities of the UPS units. Until recently, ITSD had limited space at the primary hot site, which was shared with another agency. The secondary site was initially designed as a backup facility for a Tier 2 application. Because this was not the production facility, UPS power was considered adequate. Should an electrical outage exceeding 45 minutes occur, these servers would not be available for failover. The DR Plan s risk assessment concluded that the greatest threat to continuity of operations was an extended electrical outage. RECOMMENDATION DFAS, ITSD should relocate servers supporting Tier 1 critical services, internal services and applications from the secondary to the primary hot site. RESPONSE FROM DFAS - ITSD The current environments (DNS, DHCP, ERP) at the secondary DR site are secondary fail-over environments that are replicated real time. The reason for this redundancy is to minimize outages and provide instant recovery to these systems. Today since they are secondary fail-over systems we do not consider the power as a high risk issue but it is something we can do to make it even more fail safe. ITSD will plan to migrate the systems to the primary DR site with the backup generator. ESTIMATED COMPLETION DATE October DFAS, ITSD SHOULD DEVELOP AN EMERGENCY PURCHASING PROCEDURE TO EXPEDITE ACQUISITION OF NEW OR ALTERNATE EQUIPMENT WHEN REQUIRED FOR A CLASS 1 OR CLASS 2 RECOVERY. A division-specific emergency purchasing procedure does not currently exist. Provisions have been made for incidental after-hours purchases of hardware or software, but these are restricted to standard purchasing card limits. These constraints may impede the acquisition of new or alternate equipment within stated recovery time frames. Should a large dollar server
13 Page 9 or component require replacement, ITSD may not be able to acquire the required equipment in a timely fashion. DR Plan documentation contains the expectation that after a disaster, critical systems and data must be recovered and operational within 24 hours, and the data recovered must be less than 24 hours old. If a recovery determination indicates a Class 1 or Class 2 recovery, the acquisition of new or alternate equipment may be required. Without an emergency purchasing procedure, the 24-hour recovery time frame may not be achievable. RECOMMENDATION DFAS, ITSD should: Develop an emergency procurement procedure to expedite purchases of IT equipment in the event of a disaster declaration. Define conditions under which the procedure is activated. RESPONSE FROM DFAS - ITSD ITSD will use the Emergency Procurement procedure in the Purchasing Rules and Regulations document that allows the department director to authorize purchases in case of an emergency. We will add a section to the current DR Plan to document the current and proposed emergency purchasing procedure and identify when it will be activated and who will be authorized to execute it in case the department director is not available. ESTIMATED COMPLETION DATE April DFAS, ITSD SHOULD UPDATE RECOVERY TEAM CONTACT INFORMATION ON A QUARTERLY BASIS AND UPDATE DR PLAN DOCUMENTATION. Due to employee retirements, transfers and resignations, the DR Plan contact information was outdated by the time the audit began in October Of 28 names listed on the ITSD Disaster Team Organization Chart, two had retired, one had transferred, and two had resigned. These former employees were also listed on the contact list included as Appendix
14 Page 10 IV in the DR Plan. This information was current when plan documentation was first published in February However, ITSD didn t revise the organization chart and contact list after personnel changes. The plan maintenance scheme and schedule have not yet been formally defined. Successful recovery of IT infrastructure is dependent on rapid assembly and deployment of ITSD personnel. DR Plan documentation includes an Organization Chart, indicating DR roles and responsibilities, and a contact list for recovery personnel. In a disaster scenario, the lack of current contact information may delay the assembly of an appropriate recovery team. This condition was brought to the attention of ITSD management, who prepared an updated DR Organizational Chart and contact list during the audit. Phase three of the DR Mission Statement calls for ITSD to define a plan maintenance scheme and schedule. CobiT control objectives stress the importance of timely communication of changes in procedures and personnel relating to DR plans. Because organizational personnel changes can occur at any time, it is vital that responsibilities and contact information in DR Plan documentation contain current and accurate information in order to efficiently locate and assemble recovery personnel in a disaster. RECOMMENDATION DFAS, ITSD should implement a quarterly review of the ITSD Disaster Recovery Organization Chart and ITSD Contact Lists for Disaster Recovery. The review process should analyze recovery team responsibilities that may have changed as well as contacting recovery team members to verify accuracy of contact information. RESPONSE FROM DFAS - ITSD The current proposed update for the DR Plan is annual, but quarterly updates to the contact information will be completed. We will add a requirement to update this section quarterly. ESTIMATED COMPLETION DATE April 2013.
15 Page DFAS, ITSD SHOULD PERIODICALLY TEST EMERGENCY MANAGEMENT TEAM READINESS THROUGH TABLETOP EXERCISES. Current DR Plan testing does not consider the unexpected. There is not currently a mechanism for stress-testing the plan and assessing team readiness in unannounced situations. The current testing cycle calls for a series of User Acceptance Tests (UATs) to test each of the Tier 1 critical services, internal services, and applications. This testing phase began in spring 2012 and is not yet complete. While this type of testing is critical to testing recoverability of key systems, it is performed on a scheduled basis by system experts. Testing should also consider whether recovery procedures can be successfully executed by alternate personnel and assess the readiness of emergency management team personnel. Without periodic drills, recovery personnel may lack preparation to quickly execute recovery procedures under unusual or unforeseen circumstances. Phase three of the DR Plan calls for DFAS, ITSD to Establish maintenance and validation of the Disaster Recovery Plan and to train the Emergency Management Team on components and requirements of an exercise program. CobiT recommends integrated testing scenarios to keep DR plans relevant. Although it is not possible to anticipate all disaster scenarios, a tabletop exercise is a cost-effective way of testing the emergency management team s ability to react to unplanned events without the interruption of a full-scale drill. Such exercises can also test the recovery plan s assumptions and may identify outdated or incomplete sections of the plan. RECOMMENDATION DFAS, ITSD should periodically test the emergency management team s ability to adapt to unplanned situations by conducting tabletop exercises and/or recovery drills. Training sessions should present recovery personnel with previously unannounced hypothetical disasters and challenge the team to develop an appropriate recovery plan based on the current DR documentation and team knowledge. RESPONSE FROM DFAS - ITSD Table top testing will be added to the DR Plan and be used as a training aide for critical recovery personnel.
16 Page 12 ESTIMATED COMPLETION DATE April DFAS, ITSD SHOULD PERIODICALLY TEST ITS ABILITY TO RECOVER TIER 1 SERVERS, APPLICATIONS, AND DATA FROM BACKUP MEDIA. DFAS, ITSD does not currently perform formal tests of recovery from backup media. The division routinely performs restoration of data files and folders and is confident in its ability to restore from archived media. For DR purposes, tape backups are considered the secondary means of recovering Tier 1 infrastructure and applications and would only be necessitated in the event a failover component was unavailable. Because extreme disaster scenarios may require recovery from backup media, emergency management teams need to be prepared for such a possibility. Without formal recovery testing, recovery personnel may not be able to timely recover Tier 1 components. Restoration of critical services may be delayed beyond the 24-hour recovery time objective. CobiT standards recommend periodic tests of archived data. Regular testing of recovery procedures helps ensure that recovery personnel can successfully recover these Tier 1 components if needed in a disaster. RECOMMENDATION DFAS, ITSD should schedule a recovery test from backup media annually. Testing should be formally documented and have a predetermined objective. The test should verify the integrity of backup media by restoring an entire server or entire application and related databases from archived backups. The restored media should be compared against the production system to ensure functionality and verify data integrity. RESPONSE FROM DFAS - ITSD Backup recoveries are performed almost daily by the systems and database groups, but we will add this to the testing requirements, create a Test Readiness Review (TRR) document, test plan, and then schedule for testing.
17 Page 13 ESTIMATED COMPLETION DATE April DFAS, ITSD SHOULD ANNUALLY REVIEW AND UPDATE THE DR PLAN TO ENSURE THAT DOCUMENTATION REMAINS CURRENT. The initial DR Plan documents were created by a contractor, with no definite arrangements for future updates. At the time of the audit, this maintenance interval had not yet been defined. Phase three of the DR Plan calls for ITSD to define a plan maintenance scheme and schedule. CobiT standards emphasize the necessity of keeping DR plans current, to reflect changes in business processes and systems. Technology infrastructure, systems and support procedures change over time. Without ongoing DR plan updates, recovery of essential systems may be delayed, or outdated recovery steps may be attempted. RECOMMENDATION DFAS, ITSD should: Review and update DR plan documentation on an annual basis. Updates should incorporate changes in underlying systems and recovery procedures. Include a reassessment of the critical applications list and recovery sequence in the annual review. State the maintenance interval standards in future versions of the DR Plan. RESPONSE FROM DFAS - ITSD ITSD has scheduled an annual review for the DR documentation scheduled for March and April Although it was not documented in the DR Plan, ITSD will add sections for DR updates, incorporate changes in underlying systems and recovery procedures, critical application list and recovery sequences, state maintenance interval standards, and add them to the next release scheduled for April 2013.
18 Page 14 CONCLUSION ESTIMATED COMPLETION DATE April We believe this audit will assist the DFAS, Information Technology Services Division improve its DR planning efforts and enhance the department s ability to ensure continuous service of critical IT components. We appreciate the assistance and cooperation of DFAS, Information Technology Services Division personnel during the audit.
19 Page 15 Senior Information Systems Auditor REVIEWED and APPROVED: APPROVED FOR PUBLICATION: Carmen Kavelman, CPA, CISA, CGAP, CFE Director, Office of Internal Audit Chairperson, Accountability in Government Oversight Committee
SPECIAL AUDIT REPORT OF DATABASE SECURITY CITYWIDE REPORT NO. 11-103 City of Albuquerque Office of Internal Audit Database Security Citywide Report No. 11-103 Executive Summary The Office of Internal Audit
whitepaper Why Should Companies Take a Closer Look at Business Continuity Planning? How Datalink s business continuity and disaster recovery solutions can help organizations lessen the impact of disasters
Department of Information Technology Data Center Disaster Recovery Audit Report Final Report September 2006 promoting efficient & effective local government Executive Summary Our audit found that a comprehensive
Ohio Supercomputer Center IT Business Continuity Planning No: Effective: OSC-13 06/02/2009 Issued By: Kevin Wohlever Director of Supercomputer Operations Published By: Ohio Supercomputer Center Original
Overview of how to test a Business Continuity Plan Prepared by: Thomas Bronack Phone: (718) 591-5553 Email: email@example.com BRP/DRP Test Plan Creation and Exercise Page: 1 Table of Contents BCP/DRP Test
Business Continuity Planning 101 Presentation Overview What is business continuity planning Plan Development Plan Testing Plan Maintenance Future advancements in BCP Question & Answer What is a Disaster?
AUDITING A BCP PLAN Thomas Bronack Auditing a BCP Plan presentation Page: 1 What are the Objectives of a Good BCP Plan Protect employees Restore critical business processes or functions to minimize the
Business Continuity Plan October 2007 Agenda Business continuity plan definition Evolution of the business continuity plan Business continuity plan life cycle FFIEC & Business continuity plan Questions
FOLLOW-UP OF COMPUTER EQUIPMENT TRACKING CONTROLS AND PROCEDURES REPORT NO. City of Albuquerque Office of Internal Audit and Investigations City of Albuquerque Office of Internal Audit and Investigations
Business Continuity Planning and Disaster Recovery Planning Ed Crowley IAM/IEM 1 Goals Compare and contrast aspects of business continuity Execute disaster recovery plans and procedures 2 Topics Business
Information Technology Disaster Recovery Policy Policy Statement This policy defines acceptable methods for disaster recovery planning, preparedness, management and mitigation of IT systems and services
EMERGENCY PREPAREDNESS PLAN Business Continuity Plan GIS Bankers Insurance Group Powered by DISASTER PREPAREDNESS Implementation Small Business Guide to Business Continuity Planning Surviving a Catastrophic
` Official Audit Report Issued September 30, 2011 University of Massachusetts Medical School's Data Center Relocation For the period July 1, 2008 through August 31, 2010 State House Room 230 Boston, MA
www.pwc.com Business Resiliency Business Continuity Management - January 14, 2014 Agenda Key Definitions Risks Business Continuity Management Program BCM Capability Assessment Process BCM Value Proposition
Department NeighborWorks America Audit Review of the Business Continuity Plan (BCP) and Documentation Project Number: ADMN.BCP.2013 Audit Review of of BCP Table of Contents Project Completion Letter...
State of California California Information Security Office Technology Recovery Plan Instructions SIMM 5325-A (Formerly SIMM 65A) September 2013 REVISION HISTORY REVISION DATE OF RELEASE OWNER SUMMARY OF
Appendix L DISASTER RECOVERY AND CONTINGENCY PLANNING CHECKLIST FOR ICT SYSTEMS I. GETTING READY A. Obtain written commitment from top management of support for contingency planning objectives. B. Assemble
FINAL AUDIT REPORT Audit of the arrangements for business continuity and disaster recovery for non- PeopleSoft applications in UNHCR BACKGROUND The field offices of the United Nations High Commissioner
Intel Business Continuity Practices As a global corporation with locations and suppliers all over the world, Intel requires every designated Intel organization to embed business continuity as a core business
MICHIGAN OFFICE OF THE AUDITOR GENERAL AUDIT REPORT THOMAS H. MCTAVISH, C.P.A. AUDITOR GENERAL The auditor general shall conduct post audits of financial transactions and accounts of the state and of all
Audit of IMS Disaster Recovery Plan Internal Audit 378-1-615 April 29, 2009 TABLE OF CONTENTS EXECUTIVE SUMMARY...II 1.0 INTRODUCTION...5 2.0 AUDIT OBJECTIVES AND SCOPE...7 3.0 AUDIT APPROACH AND METHODOLOGY...7
FOLLOW-UP OF PERSONAL COMPUTER LICENSING REPORT NO. City of Albuquerque Office of Internal Audit and Investigations City of Albuquerque Office of Internal Audit and Investigations P.O. BOX 1293 ALBUQUERQUE,
Domain 3 Business Continuity and Disaster Recovery Planning Steps (ISC) 2 steps [Har10] Project initiation Business Impact Analysis (BIA) Recovery strategy Plan design and development Implementation Testing
Preventing Data Loss INSIDE > Disaster Recovery Types and Categories > Disaster Recovery Site Types > Disaster Recovery Procedure Lists > Business Continuity Plan 1 Preventing Data Loss White Paper Overview
Follow-up Audit of Information Technology Services Department CITY OF SAN ANTONIO OFFICE OF THE CITY AUDITOR Follow-up Audit of Information Technology Services Department Project No. AU13-F05 October 25,
Office of Information Technology Core Services Resilience Plan Version 6.5.6 March 2010 Page 1 of 13 Table of Contents Overview... 3 Background... 4 OIT Organizational Resilience Program... 4 Data Centers...
DISASTER RECOVERY PLANNING GUIDE AN INTRODUCTION TO BUSINESS CONTINUITY PLANNING FOR JD EDWARDS SOFTWARE CUSTOMERS www.wts.com WTS Disaster Recovery Planning Guide Page 1 Introduction This guide will provide
Massachusetts Institute of Technology Functional Area Recovery Management Team Plan Development Template Public Distribution Version For further information, contact: Jerry Isaacson MIT Information Security
Data Center Audit April 2015 Table of Contents Executive Summary 2 5 Highlights and Accomplishments 6 7 Summary Observations 8 This report provides management with information about the condition of risks
IT DISASTER RECOVERY CALIFORNIA STATE UNIVERSITY, EAST BAY Audit Report 10-34 October 13, 2010 Members, Committee on Audit Henry Mendoza, Chair Raymond W. Holdsworth, Vice Chair Nicole M. Anderson Margaret
Information System Audit Arkansas Administrative Statewide Information System (AASIS) General Controls ARKANSAS DIVISION OF LEGISLATIVE AUDIT April 12, 2002 April 12, 2002 Members of the Legislative Joint
Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0 Unless otherwise stated, these Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies
Best Practices in Disaster Recovery Planning and Testing axcient.com 2015. Axcient, Inc. All Rights Reserved. 1 Best Practices in Disaster Recovery Planning and Testing Disaster Recovery plans are widely
Tufts Health Plan Corporate Continuity Strategy July 2015 OVERVIEW The intent of this document is to provide external customers and auditors with a highlevel overview of the Tufts Health Plan Corporate
Understanding Disaster Recovery in California Protecting your Enterprise Session Overview Why do we Prepare What is? How do I analyze (measure) it? What to do with it? How do I communicate it? What does
The Define/Align/Approve Reference Series NEEDS BASED PLANNING FOR IT DISASTER RECOVERY Disaster recovery planning is essential it s also expensive. That s why every step taken and dollar spent must be
OFFICE OF THE CITY AUDITOR AUDIT OF THE VITAL STATISTICS BIRTH AND DEATH CERTIFICATE IMAGING SYSTEM Paul T. Garner Assistant City Auditor Prepared by: Tony Aguilar, CISA Sr. IT Auditor Bill Steer, CPA,
Version 3.1 November 22, 2004 TABLE OF CONTENTS PART 1: DISASTER RECOVERY EXPECTATIONS... 3 OVERVIEW...3 EXPECTATIONS PRIOR TO AN INCIDENT OCCURRENCE...3 EXPECTATIONS PRIOR TO A DISASTER OCCURRENCE...4
SPECIAL AUDIT REPORT OF GOLF MANAGEMENT DIVISION POINT-OF-SALE SYSTEM PARKS AND RECREATION DEPARTMENT REPORT NO. 08-105 CITY OF ALBUQUERQUE OFFICE OF INTERNAL AUDIT AND INVESTIGATIONS Special Audit Golf
Building and Maintaining a Business Continuity Program Successful strategies for financial institutions for effective preparation and recovery Table of Contents Introduction...3 This white paper was written
County of San Diego Auditor and Controller OFFICE OF AUDITS & ADVISORY SERVICES IT DISASTER RECOVERY AUDIT FINAL REPORT Chief of Audits: Juan R. Perez Audit Manager: Lynne Prizzia, CISA, CRISC Senior Auditor:
GETTING STARTED WITH DISASTER RECOVERY PLANNING Ten misperceptions, Five best practices EMC PERSPECTIVE Natural and man-made events plus the technology innovations of the 21st century have heightened awareness
LOB #303: DISASTER RECOVERY Technology Infrastructure Services Purpose Disaster Recovery (DR) for IT is a capability to restore enterprise-wide technology infrastructure, applications and data that are
Internal Audit Report 2009-08 Introduction. The Municipality depends heavily on technology and automated information systems, and their disruption for even a few days could have a severe impact on critical
Business Continuity and Disaster Recovery Planning Jennifer Brandt, CISA A p r i l 16, 2015 HISTORY OF STINNETT & ASSOCIATES Stinnett & Associates (Stinnett) is a professional advisory firm offering services
CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT JANUARY 2008 GUIDELINE ON BUSINESS CONTINUITY GUIDELINE CBK/PG/14
Identify and Protect Your Vital Records INTRODUCTION The Federal Emergency Management Agency s Federal Preparedness Circular 65 states The protection and ready availability of electronic and hardcopy documents,
TUFTS HEALTH PLAN CORPORATE CONTINUITY STRATEGY FREQUENTLY ASKED QUESTIONS July 2015 OVERVIEW The intent of this document is to provide external customers and auditors with a high-level overview of the
Building a Disaster Recovery Program By: Stieven Weidner, Senior Manager Part two of a two-part series. If you read my first article in this series, Building a Business Continuity Program, you know that
Comp 5940 Project Disaster Recovery Planning By Janet Coggins Janet H. Coggins Page 1 11/21/2004 Table of Contents List of each Section....Page 2 Section 1 Executive Summary Overview of the scope of the
Code Subsidiary Document No. 0007: September 2015 Change History Version Number Date of Issue Reason For Change Change Control Reference Sections Affected 20150511 11 May 2015 For industry consultation
Taking a Proactive Approach to Crisis Management while Maintaining Business Continuity in a Tiered Environment John Linse Director of Business Continuity Services, EMC 1 Setting the Stage Taking a Proactive
Unit Guide to Business Continuity/Resumption Planning (February 2009) Revised June 2011 Executive Summary... 3 Purpose and Scope for a Unit Business Continuity Plan(BCP)... 3 Resumption Planning... 4 Assumptions
MANAGEMENT AUDIT REPORT OF ACCOUNTS PAYABLE REPORT NO. 04-108 CITY OF ALBUQUERQUE OFFICE OF INTERNAL AUDIT AND INVESTIGATIONS of Accounts Payable Report No. 04-108 Executive Summary Background The Department
Page 2 of 10 Scope and Objectives We reviewed the backup and disaster recovery processes utilized by DOH for information applications/systems managed by IT over the last three years. This review included
Certified Information Systems Auditor (CISA ) Certification Course Description Our 5-day ISACA Certified Information Systems Auditor (CISA) training course equips information professionals with the knowledge
Information Technology Disaster Recovery and Business IT Disaster Recovery and Business Adopted by the Information Services Board (ISB) on May 28, 1992 Policy No: Also see: 500-P1, 502-G1 Supersedes No:
A Report to the Montana Legisl ature I nform ation Systems Audit Consolidated Environmental Data Access and Retrieval System: Verification of Data Accuracy and Integrity Department of Environmental Quality
Business Continuity Project Planning Process for Educational Institution Varun Maheshwari; Rahul; Kumar Gaurav and Chandan Kumar Singh Student MSCLIS, IIIT Allahabad India Varunmaheshwari02@gmail.com Abstract
Technical Considerations in a Windows Server Environment INTRODUCTION Cloud computing has changed the economics of disaster recovery and business continuity options. Accordingly, it is time many organizations
Virtual Infrastructure Security 2 The virtual server is a perfect alternative to using multiple physical servers: several virtual servers are hosted on one physical server and each of them functions both
Business Continuity Planning 2014 NABRICO Conference September 19, 2014 6 CityPlace Drive, Suite 900 St. Louis, Missouri 63141 314.983.1200 1520 S. Fifth Street, Suite 309 St. Charles, Missouri 63303 636.255.3000
Planning for Disaster Ramesh Ramani CISM CGEIT firstname.lastname@example.org 02 June 2010 Agenda Disaster Management-Introduction Examples BCP and IT Continuity Process of Disaster Management-PDCA Disaster Management
SOLUTION BRIEF: CA INSTANT RECOVERY ON DEMAND How can I deploy a comprehensive business continuity and disaster recovery solution in under 24 hours without incurring any capital costs? CA Instant Recovery
APPENDIX 1 GOVERNANCE AND MANAGEMENT OF CITY COMPUTER SOFTWARE NEEDS IMPROVEMENT January 7, 2011 Auditor General s Office Jeffrey Griffiths, C.A., C.F.E. Auditor General City of Toronto TABLE OF CONTENTS
SAMPLE IT CONTINGENCY PLAN FORMAT This sample format provides a template for preparing an information technology (IT) contingency plan. The template is intended to be used as a guide, and the Contingency
APPENDIX 1 DISASTER RECOVERY PLANNING FOR CITY COMPUTER FACILITIES March 2008 Auditor General s Office Jeffrey Griffiths, C.A., C.F.E. Auditor General City of Toronto TABLE OF CONTENTS EXECUTIVE SUMMARY...1
The National Science Foundation Polar Programs United States Antarctic Program Information Resource Management Directive 5000.13 USAP Contingency & Disaster Recovery Program Organizational Function Policy
IT Service Management Service Continuity Methods (Disaster Recovery Planning) White Paper Prepared by: Rick Leopoldi May 25, 2002 Copyright 2001. All rights reserved. Duplication of this document or extraction
Audit of the Disaster Recovery Plan Report # 11-05 Prepared by Office of Inspector General J. Timothy Beirnes, CPA, Inspector General Kit Robbins, CISA, CISM, CRISC, Lead Information Systems Auditor TABLE
Information Systems Audit and Control Association www.isaca.org Business Continuity Planning AUDIT PROGRAM & INTERNAL CONTROL QUESTIONNAIRE The Information Systems Audit and Control Association With more
Secretary of State Audit Report Jeanne P. Atkins, Secretary of State Gary Blackmer, Director, Audits Division Oregon Employment Department: Computer Programs for Unemployment Tax Returns and Claims Need
Federal Financial Institutions Examination Council FFIEC Business Continuity Planning MARCH 2003 BCP IT EXAMINATION H ANDBOOK TABLE OF CONTENTS INTRODUCTION... 1 BOARD AND SENIOR MANAGEMENT RESPONSIBILITIES...
Disaster Recovery and Business Continuity Barbara Nollau Rupert King/Getty Images Computer Systems Quality and Compliance discusses practical aspects of computer systems and provides useful information
U.S. Department of Transportation Office of the Secretary of Transportation Office of Inspector General Memorandum ACTION: Report on Computer Security Controls of Financial Management System, FTA FE-2000-098
Federal Financial Institutions Examination Council FFIEC Business Continuity Planning BCP FEBRUARY 2015 IT EXAMINATION H ANDBOOK Table of Contents Introduction 1 Board and Senior Management Responsibilities
Construction of a Disaster Recovery Plan David Godwin, Sr. Sales Engineer March 18, 2014 Objectives Understand What Disaster Recovery is? Why is Disaster Recovery Needed? Effectively assist customers or
EXECUTIVE SUMMARY The Securities and Exchange Commission (SEC), Office of Inspector General (OIG) sought to determine whether the SEC s current data back-up procedures were reasonably effective in insuring
This quick reference guide provides an introductory overview of the key principles and issues involved in IT related disaster recovery planning, including needs evaluation, goals, objectives and related