System Business Continuity Classification

Criticality Levels | Core Infrastructure | Critical | High | Medium | Low

Business Continuity Procedures
Information System Contingency Plan (ISCP) | Required | Required | Required | Not required | Not required
Business Impact Analysis (BIA), System Recovery Procedures (SRP) (values in source order) | Included in ISCP | Included in ISCP | Included in ISCP | Required | Included in ISCP | Included in ISCP | Included in ISCP

Business Continuity Methods
System Availability | High Availability | High Availability | High Availability | Recoverable | Reliable
Maximum Downtime | <2 hours | <4 hours | <24 hours | <72 hours | >72 hours
Data Recovery Strategy | Continuous | Continuous | Continuous | Incremental or differential between full backups | Incremental or differential between full backups

Testing
Documentation Review | Semiannual | Semiannual | Annual | Biennial | Biennial
Walkthrough | Semiannual | Annual | Annual | Biennial | Biennial
Simulation | Annual | Annual | Biennial | Biennial | Not Required
Parallel, Interruption (values in source order) | annually | annually | annually | annually | Not required | Not required | Not required

System Business Continuity Classification (Jan-12)

Criticality Levels

Criticality levels are determined by the service owner and are used to classify the criticalness of an IT system* to a business process. The level selected defines the necessary business continuity procedures, methods, and testing requirements.

Core Infrastructure: IT systems that must be functioning and are considered core components, which will need to be operational before other dependent systems can perform as they are intended. Examples of core systems include, but are not limited to: electricity, the data network, network services such as DNS and DHCP, and various authentication systems such as Active Directory. Immediate recovery is required to prevent substantial interruption of University operations. Systems should have a maximum downtime of 2 hours or less.

Critical: IT systems which are essential to support University business operations. Loss or failure of these systems will have an extreme impact on business operations. Systems should have a maximum downtime of 4 hours or less.

High: IT systems which are crucial to support primary University business operations. Loss or failure of these systems will have a significant impact on business operations. Systems should have a maximum downtime of 24 hours or less.

Medium: IT systems which are important to University business operations. Loss or failure of these systems will have a modest impact on business operations. Systems should have a maximum downtime of 72 hours or less.

Low: IT systems which improve the effectiveness or efficiency of University operations. An extensive loss or failure of these systems will have a negligible impact on business operations.

*An IT system is a hardware or virtual computing environment that is installed or configured to provide, share, store, or process information for multiple users or that communicates with other systems to transmit data or process transactions.

Business Continuity Procedures

Three different services are offered to properly document and outline business continuity procedures. Each of these defines different procedures and requirements necessary to properly restore an IT system.

Information System Contingency Plan (ISCP)
An ISCP provides established procedures for the assessment and recovery of a system following a system disruption. The ISCP provides key information needed for system recovery, including roles and responsibilities, inventory information, assessment procedures, detailed recovery procedures, and testing procedures of a system.

Business Impact Analysis (BIA)*
The purpose of the BIA is to identify and prioritize system components by correlating them to the mission/business process(es) the system supports, and using this information to characterize the impact on the process(es) if the system was unavailable.

System Recovery Procedures (SRP)*
System recovery procedures (SRP) provide general procedures for the recovery of a system from media or other sources.

*Included as a part of the ISCP.

Business Continuity Methods

Business Continuity Methods define the system availability and data recovery strategies.

System Availability:

Continuous Availability: A system that is created with a goal of no scheduled or unscheduled downtime. Continuous availability systems can only be reliant upon other systems that are unremitting. Alternate facilities, not physically located within the same building, will be used to ensure that no local disruptions interfere with the system's continuous availability. Real time synchronization between the sites is used to route data to both the primary site and the alternate facility(ies). Continuously available systems consist of hardware and software designed to protect against component and system-level failures at any point in time, with an understanding that the system will always be active.

High Availability: A system that can quickly recover from a failure by way of automation built into the system. There may be a small amount of downtime while one system switches over to another, but processing will continue. There should be a goal of no unscheduled outages or downtimes. High availability systems can only be reliant on unremitting systems or other systems that have no lower availability than high. Alternate facilities, not physically located within the same building, will be used to ensure that no local disruptions interfere with the system's high availability. Near real time synchronization between the two sites is used to mirror the data environment of the original site. The alternate site will have hardware and system resource components; networking equipment with an active connection; and the resources needed to recover the business processes impacted by the system disruption.

Recoverable: Redundant infrastructure components, such as web and file servers, which have data replication. The facility will have backups on hand, but they may not be current or could be incomplete. A full backup should be done first with either an incremental or differential backup done on a set schedule. The system will recover by manual intervention, which will cause some downtime as tolerable. An alternate facility (possibly smaller in scale) with the equipment and resources to recover the business functions affected by the occurrence of a disaster may be used.

Reliable: Non-redundant components that have no protection or hot-swappable hardware. IT staff will restore them eventually after major failure, but the business does not depend on them. System will have backups, but they may not be current or could be incomplete. An alternate facility would not be needed in this instance.

Data Recovery Strategies:

Continuous Backup: Backup of computer data by automatically saving a copy of every change made to that data in real time or near real time. It allows for the data to be restored at any point in time. The data will be located in different physical locations to ensure data availability in the event of a disruption.

Full Backup: A backup in which all of a defined set of data objects are copied, regardless of whether they have been modified since the last backup.

Incremental Backup: An incremental backup stores all files that have changed since the last full, differential or incremental backup.

Differential Backup: A backup in which data objects modified since the last full or incremental backup are copied.

Testing and Exercises

The purpose of testing is to confirm the business continuity solution satisfies the organization's recovery requirements. Plans may fail to meet expectations due to insufficient or inaccurate recovery requirements, solution design flaws, or solution implementation errors.

Documentation Review: Staff will individually review the plan for accuracy and completeness and ensure supporting documentation for critical systems is up to date. Business continuity documentation should be reviewed in conjunction with system changes and updated if necessary.

Walkthrough: Staff walk through the plan as a group, discussing each step along the way.

Simulation: Staff members perform a walkthrough in the context of a simulated disaster that includes periodic announcements of events as they occur. Staff do not actually perform any recovery steps.

Parallel: Staff members perform actual recovery steps to move business processes to alternate locations. Staff build or activate recovery servers while primary servers are also still working. Primary everyday business processes should continue uninterrupted.

Interruption (rehearsal): The business stops performing critical business processes, as though an actual disaster has occurred. Staff members carry out business operations according to the interim plan.

Minor issues identified in the initial testing phase may be documented and retested during the next test cycle. Significant complications, such as a lack of appropriate technologies needed to meet the maximum tolerable downtime or system recovery efforts, should be addressed and reexamined immediately.

References:

NIST 800-34 Contingency Planning Guide for IT Systems

The BS 25999 series will include two standards, as follows:
- BS 25999-1:2006 Code of Practice for BCM
- BS 25999-2:2006 A Specification for BCM

NFPA 1600: Standard on Disaster/Emergency Management and Business Continuity Programs

ISO/IEC FDIS 27031: Information technology -- Security techniques -- Guidelines for information and communication technology readiness for business continuity