ICT DISASTER RECOVERY PLAN

EMAKHAZENI LOCAL MUNICIPALITY ICT DISASTER RECOVERY PLAN

Approval DOCUMENT: Copy Number: ICT INCIDENT RESPONSE PLAN MASTER COPY Compiled by: Niall Carroll Deputy Manager ICT Reviewed by: Compilation Date: August 2013 Review Date: Version: Draft V 1.00 Revision: Distribution: All Classification: Document Release Approval Document Acceptance Releasing Authority: Manager: Corporate Services ICT Department Acceptance Authority: Council Date Released: Date Accepted: Signature: Signature: 2

Document Control Revision Record Revision Date Change Record Changed By Issue Control This policy is issued by the DEPARTMENT OF CORPORATE SERVICES on behalf of the Emakhazeni Local Municipality, to whom any change requests or queries should be directed. The review life for this document is 12 months. Distribution Copy No. Name TICTle Organisation Master 01 02 The MASTER for this document is held electronically and only signed copies are valid. An unsigned, printed document is not copy controlled and is to be used for information purposes ONLY, as ICT will not be automatically updated. ICT is therefore the responsibilicty of the reader to ensure that ICT is a currently valid copy. 3

TABLE OF CONTENTS Document Control... 3 Revision Record... 3 Issue Control... 3 Distribution... 3 1. Organisation... 9 1.1 About & Overview... 9 1.2 Departments... 9 2. Contact Lists for Personnel & Suppliers... 10 2.1 ICT Contact Lists... 10 2.1.1 Senior ICT Management & ICT Disaster Recovery Leader... 10 2.1.2 Key Contact List (KCL)... 10 2.1.3 ICT Personnel... 10 2.1.4 ICT Disaster Recovery Team... 11 2.1.5 ICT Recovery Testing Team... 11 2.1.6 Relevant ICT Suppliers (Contract / SLA)... 11 3. Invocation Plan & Response... 12 4. Communications Plan... 13 4.1 Invocation Communications Plan... 13 4.2 Emergency Communications Plan... 13 4.3 Post Emergency Communications Plan... 14 5. Recovery Points... 15 5.1 Primary Assembly Point... 15 5.2 Secondary Assembly Point... 15 5.3 Primary Recovery Facility... 16 4

5.4 Secondary Recovery Facility... 17 6. Business Impact Analysis... 17 6.1 Risk Paradigm (Classification Index)... 17 6.2 Risk Impact Table... 18 6.3 Risk Likelihood Table... 18 6.4 Inherent Risk Exposure Table... 18 7. ICT Environment Overview... 19 7.1 Key Equipment List... 19 7.2 Recovery Start-up Sequence... 19 7.3 Diagram: Overall ICT Environment... 20 8. Applications in the Environment... 21 8.1 ICT Department Controlled Applications... 21 9. Essential ICT Services... 22 9.2 Network - Overview... 23 9.2.1 Network Architecture & Design... 23 9.2.2 Network Functional Components... 23 9.2.3 Network Backups... 24 9.2.4 Network Full Recovery Procedure... 24 9.2.5 Network Component Recovery Procedure... 24 9.2.6 Network - Risk & Impact Analysis... 25 9.3 Threat Management Gateway - Overview... 26 9.3.1 Threat Management Gateway - Architecture & Design... 26 9.3.2 Threat Management Gateway Functional Components... 26 9.3.3 Threat Management Gateway - Backups... 27 9.3.4 Threat Management Gateway Full Recovery Procedure... 27 5

9.3.5 Threat Management Gateway Component Recovery Procedure... 28 9.4 Domain Controller (Active Directory / AD) - Overview... 28 9.4.1 Domain Controller (Active Directory / AD) Functional Components... 28 9.4.2 Domain Controller (Active Directory / AD) - Backups... 28 9.4.3 Domain Controller (Active Directory / AD) Full Recovery Procedure... 29 9.4.4 Domain Controller (Active Directory / AD) Component Recovery Procedure... 29 9.4.5 Domain Controller (Active Directory / AD) - Risk & Impact Analysis... 29 9.5 Backup Service - Overview... 30 9.6 Backup Service - Architecture & Design... 30 9.7 Backup Service - Functional Components... 30 9.7.1 Backup Service - Backups... 30 9.7.2 Backup Service Full Recovery Procedure... 31 9.7.3 Backup Service Component Recovery Procedure... 31 9.7.4 Backup Service - Risk & Impact Analysis... 32 9.8 Antivirus Overview... 32 9.8.1 Antivirus - Architecture & Design... 32 9.8.2 Antivirus - Functional Components... 32 9.8.3 Antivirus - Backups... 33 9.8.4 Antivirus - Risk and Impact Analysis... 33 10. System Specific ICT Services... 33 10.1 Mail Service - Overview... 33 10.1.1 Mail Service - Architecture & Design... 34 10.1.2 Mail Service - Functional Components... 34 10.1.2.1 Authoritative Domains... 34 10.1.2.2 Domain Hosting... 34 10.1.2.3 Mail Records... 34 10.1.2.4 Mail Server... 34 6

10.1.2.5 Client Access... 35 10.1.2.6 Inbound Observations... 35 10.1.2.7 Outbound Observations... 35 10.1.3 Mail Service - Backups... 35 10.1.4 Mail Service Recovery Procedures... 35 10.1.4.1 Mail Service Component Recovery Procedure... 35 10.1.5 Mail Service - Risk & Impact Analysis... 36 10.2 Munsoft Service - Overview... 36 10.2.1 Munsoft Service - Architecture & Design... 36 10.2.2 Munsoft Service - Functional Components... 37 10.2.3 Munsoft Service - Backups... 37 10.2.4 Munsoft Service Full Recovery Procedure... 37 10.2.5 Munsoft Service Component Recovery Procedure... 38 10.2.6 Munsoft Service - Risk and Impact Analysis... 38 10.3 VIP Payroll Overview... 38 10.3.1 VIP Payroll Service - Architecture & Design... 39 10.3.2 VIP Payroll Service - Functional Components... 39 10.3.3 VIP Payroll Service - Backups... 39 10.3.4 VIP Payroll Service Full Recovery Procedure... 40 10.3.5 VIP Payroll Service Component Recovery Procedure... 41 10.3.6 VIP Payroll Service - Risk and Impact Analysis... 41 10.4 VIP ESS Service Overview... 41 10.4.1 VIP ESS Service - Architecture & Design... 42 10.4.2 VIP ESS Service - Functional Components... 42 10.4.3 VIP ESS Service - Backups... 42 10.4.4 VIP ESS Service Full Recovery Procedure... 43 10.4.5 VIP ESS Service Component Recovery Procedure... 43 7

10.4.6 VIP ESS Service - Risk and Impact Analysis... 44 10.5 CaseWare Service - Overview... 44 10.5.1 CaseWare Service - Architecture & Design... 44 10.5.2 CaseWare Service - Functional Components... 44 10.5.3 CaseWare Service Full Recovery Procedure... 45 10.5.4 CaseWare Service Component Recovery Procedure... 45 10.5.5 CaseWare Service - Risk and Impact Analysis... 46 11. Non-Core Services... 46 11.1 GIS Service (TGIS)... 46 11.2 IP Cameras Service... 46 11.3 Access Control Service... 46 11.4 Corporate Printing Service... 46 11.5 Telephony Services... 46 12. Annexure... 47 12.1 Software List... 47 8

1. Organisation 1.1 About & Overview The Emakhazeni Local Municipality has set a vision for the organisation to Improved qualicty of life through balanced, sustainable development and service excellence. The Mission of Council is to achieve this through the Emakhazeni Local Municipality being commictted to the improvement of the physical, socio-economic and instictutional environment in order to address poverty and promote development. The Emakhazeni Local Municipality ICT Department will contribute to this mission by putting the necessary and required procedures in place to ensure the institution can deliver on ICTs Vision and Mission from an ICT perspective. This ICT DRP/BCP document serves as part of the broader ICT strategy and operations. 1.2 Departments DEPARTMENTS Office Of The Municipal Manager Department of Corporate Services Department of Technical Services Department of Finance Department of Community Services DEPARTMENTS AND DIVISIONS Financial Services Corporate Services Technical Services Municipal Manager Technical Services Executive Mayor Community Services Speakers Office Information and Communication Technology Development and Planning Local Economic Development Internal Audit 9

2. Contact Lists for Personnel & Suppliers This is a complete list with contact details for personnel and suppliers. 2.1 ICT Contact Lists This section pertains to the various types of contacts used as part of the process. 2.1.1 Senior ICT Management & ICT Disaster Recovery Leader NAME DESIGNATION TELEPHONE CELL EMAIL Niall Carroll Deputy Manager ICT 013 253 1631 (H) 083 653 8746 niall@emakhazenilm.co.za ICT Disaster Recovery Team Leader 013 253 7666 (W) 2.1.2 Key Contact List (KCL) The Key Contact List is the identified Key ICT contacts within the ICT Department. Their contact information should be shared and disseminated within the organisation. The ICT Disaster Recovery Team Leader remains the first point of contact. NAME DESIGNATION TELEPHONE CELL EMAIL Niall Carroll Deputy Manager ICT 013 253 1631 (H) 083 653 8746 niall@emakhazenilm.co.za Eunice Mnguni ICT Technician 083 232 7913 eunicem@emakhazenilm.co.za Vusi Ntshwane ICT Technician 072 407 7695 vusi@emakhazenilm.co.za 2.1.3 ICT Personnel NAME DESIGNATION TELEPHONE CELL EMAIL Niall Carroll Deputy Manager ICT 013 253 1631 (H) 083 653 8746 niall@emakhazenilm.co.za Eunice Mnguni ICT Technician 083 232 7913 eunicem@emakhazenilm.co.za Vusi Ntshwane ICT Technician 072 407 7695 vusi@emakhazenilm.co.za 10

2.1.4 ICT Disaster Recovery Team The ICT Disaster Recovery Team is sorted in the order of succession for the ICT Disaster Recovery Team Leader role. NAME DESIGNATION TELEPHONE CELL EMAIL Niall Carroll Deputy Manager ICT 013 253 1631 (H) 083 653 8746 niall@emakhazenilm.co.za Eunice Mnguni ICT Technician 083 232 7913 eunicem@emakhazenilm.co.za Vusi Ntshwane ICT Technician 072 407 7695 vusi@emakhazenilm.co.za 2.1.5 ICT Recovery Testing Team The ICT Recovery Testing Team is the team responsible for the periodic restore or DR testing in the environment. NAME DESIGNATION TELEPHONE CELL EMAIL Niall Carroll Deputy Manager ICT 013 253 1631 (H) 083 653 8746 niall@emakhazenilm.co.za Eunice Mnguni ICT Technician N/A 083 232 7913 eunicem@emakhazenilm.co.za Vusi Ntshwane ICT Technician N/A 072 407 7695 vusi@emakhazenilm.co.za 2.1.6 Relevant ICT Suppliers (Contract / SLA) The following Suppliers/Vendors have direct impact on the DRP. 1. Telkom (internet, VPN & VOIP access) Duma Shange 081 309 6152 Regional Accounts Manager Glenn Van Dalen 081 317 5368 Regional Service Manager 2. Obsidian (Software infrastructure) Support 011 795 0200 Support Centre 3. ITNA (Munsoft) ITNA Disaster Recovery 012 682 9242 Service desk Ian Graham-Parker 083 556 2815 Service Delivery Manager Marius Richter 082 561 4963 Account Manager 11

3. Invocation Plan & Response Incident Occures Emakhazeni Local Municipality is notified of possible DR incident. Initial assessment and classification of disaster is done by Nkangala District Municipality DR Team. IT Disaster Recovery Team Leader invokes and communicates the incident to the IT Disaster Recovery. Assemble Emakhazeni Local Municipality DR Team informs different departments of incident. IT Disaster Recovery Team assembles at predefined assembly points. In event of Nkangala District Municipality building being damaged and not accessible at predefined secondary assembly point. Assess IT Disaster Recovery Team does IT damage assessment to ascertain the impact of the event on the IT Department and the services reliant on it. Determine recovery location based on damage assessment. Respond IT Disaster Recovery Team starts recovery process full or partial on various affected systems. Test systems post recovery. Provide access to systems. Communicate IT Disaster Recovery Team reports back to Emakhazeni Local Municipality on status and completion of DRP via IT Disaster Recovery Team Leader. 12

4. Communications Plan This section covers the communication between Emakhazeni Local Municipality and the ICT department along witch the internal departmental communication in the event of an incident. All communications during the event should be treated as confidential and only the ICT Disaster Recovery Leader should communicate with the organisation with regards to the status and progress of the ICT Department and ICTs People, Technology, Premises, Information (Systems) and Suppliers (Equipment, Services, Systems). The only exception to this should be if the ICT Disaster Recovery Leader is not able to handle these communications for whatever reason the responsibility will fall on the ICT Recovery Team member next inline. 4.1 Invocation Communications Plan In the event of a disaster or incident that has been invoked by Emakhazeni Local Municipality the initial communication between the ICT Disaster Recovery team members will be either face to face or via phone calls (one to one or conference call). Once damage assessment has been completed, and the impact warrants a Disaster, the Organisation DR Leader declares a disaster The Organisation DR Leader informs all relevant DR team leaders including the IT DR Team Leader The IT DR Team Leader informs all IT DR Team members who then activate the steps in the IT DRP 4.2 Emergency Communications Plan During and post the invocation of the incident ICT is critical that the ICT Disaster Recovery Team communicate with each other in a frequently, clear, reliable and concise manner. All ICT related communication should be relayed through the ICT Disaster Recovery Team Leader. The ICT Disaster Recovery Team Leader will be the interface for all communication between the ICT Disaster Recovery Team and the Organisation. Communications between the ICT Disaster Recovery Team and the organisation should be frequent initially ICT is recommend to between 30 60 minutes as the initial recovery period continues communications could be 2 4 hours apart. This will however be dependent and dictated by the request for information from the Organisation DR Leader. 13

Team Member 2 Team Member 3 Team Member 4 Team Member 1 IT Disaster Recovery Team Leader Team Member 5 4.3 Post Emergency Communications Plan ICT Disaster Recovery Team Leader will communicate to the Organisation DR Leader and later on the organisation the post incident information. This should include any changes (permanent or temporarily) to the People, Technology, Premises, Information (Systems) and Suppliers (Equipment, Services, Systems) relating to ICT environment. 14

5. Recovery Points This section covers the ICT Departments emergency assembly points and the recovery points. 5.1 Primary Assembly Point In the event of an incident the ICT Disaster Recovery Team should assemble at the location market on the map below. In the event of the primary location not being accessible proceed to the secondary location. The team should gather at this location within the first hour. Primary Assembly Point for Emakhazeni LM ICT Disaster Recovery Team Secondary Assembly Point for Emakhazeni LM ICT Disaster Recovery Team 5.2 Secondary Assembly Point In the event of not being able to use the primary assembly point proceed to the secondary assembly point, located a across the road in Steepers Street. The team should gather at this location within the first hour. 15

5.3 Primary Recovery Facility Recovery Procedures are to start at the primary location. Primary Recovery Facility for Emakhazeni ICT Disaster Recovery Team in Existing Municipal Building 16

5.4 Secondary Recovery Facility Secondary site for recovery at Entokozweni Municipal Office. 6. Business Impact Analysis The Business Impact Analysis (BIA) section of this document serves the purpose of depicting the architecture & design as well as to highlight the risks & impacts for the various technologies deployed. Vendors and Service Provider details can be found in the Supplier list section of this document. 6.1 Risk Paradigm (Classification Index) The tables below are used to calculate the risk impact and likelihoods of your organisation and then to quantify the possible exposure of these risks. In order to get final risk exposure rating you need to quantify impact and likelihood. This is done by multiplying the ratings of impact and likelihood. 17

6.2 Risk Impact Table RATING ASSESSMENT DEFINICTION 1 INSIGNIFICANT Negative outcomes or missed opportunities that are likely to have a negligible impact on the ability to meet objectives. 2 MINOR Negative outcomes or missed opportunities that are likely to have a relatively low impact on the ability to meet objectives. 3 MODERATE Negative outcomes or missed opportunities that are likely to have a relatively moderate impact on the ability to meet objectives. 4 MAJOR Negative outcomes or missed opportunities that are likely to have a relatively substantial impact on the ability to meet objectives. 5 CRICTICAL Negative outcomes or missed opportunities that are of critical importance to the achievement of the objectives. 6.3 Risk Likelihood Table RATING ASSESSMENT DEFINICTION 1 RARE The risk is conceivable but is only likely to occur in extreme circumstances. 2 UNLIKELY The risk occurs infrequently and is unlikely to occur within the next three (3) years. 3 MODERATE There is an above average chance that the risk will occur at least once in the next three (3) years. 4 LIKELY The risk could easily occur, and is likely to occur at least once within the next 12 months. 5 COMMON The risk is already occurring, or is likely to occur more than once within the next 12 months. 6.4 Inherent Risk Exposure Table RISK INHERENT RISK RESPONSE RATING MAGNICTUDE 15-25 HIGH Unacceptable level of risk High level of control intervention required to achieve an acceptable level of residual risk 8-14 MEDIUM Unacceptable level of risk, except under unique circumstances or conditions Moderate level of control intervention required to achieve an acceptable level of residual risk 1-7 LOW Mostly acceptable Low level of control intervention required, if any. 18

7. ICT Environment Overview The municipality consists of various departments each with their own requirements from ICT. However the ICT environment of Emakhazeni Local Municipality is a well structured environment. The environment consists of a number of systems required to support the services needed by Emakhazeni Local Municipality. These services used by Emakhazeni Local Municipality include Financial, Payroll, Communication, Document Management and the base infrastructure. The Municipality relies on a 2 MB internet breakout for ICTs connectivity as well as dedicated system specific connectivity for ICTs financial system. 7.1 Key Equipment List DEVICE / SERVER NAME IP ADDRESSS TYPE Main ICT Servers Untangle 193.168.30.248 Server CentOS Virtual Drive Zimbra 192.168.30.243 Server CentOS Virtual Drive ClearOS 192.168.30.244 Server Finance Munsoft 192.168.30.1 Server VIP 192.168.30.189 Server Budget Plan 192.168.30.19 Server TELKOM OPTICON PRI 192.168.30.100 Telephony 7.2 Recovery Start-up Sequence The recovery sequence is the proposed sequence to be used for a full recover. Certain services are dependent on others and thus the recovery sequence becomes important to ensure when recovering a service ICT already has ICTs dependencies in place. # SERVICE NAME DESCRIPTION 1 Network & Connectivity Setup WAN & LAN networks. 2 Domain Controller Recover Domain Controller and ensure (DNS, AD, DHCP, WINS) is functioning. 3 Firewall (TMG) Recover firewall and load original configuration from backup. 4 Antivirus Recover Antivirus service for environment. 5 Backup Recover Storage Platform and relevant data. 6 Printing Recover printing service. Multifunction & Scanning Device and Tally Line printers required. 7 Mail Recover all Mail related services and establish access for users. 8 Munsoft Recover Munsoft s Municipal Financial & Billing software and data and establish access for users. 9 VIP Premier Recover VIP Payroll service and establish access for users. 10 VIP ESS Recover VIP Premier (Application and Database) service and establish access for end users. 11 File Server Recover File Server and data and establish access for users to Home folder 15 Non-core Recover where possible non-core services 19

7.3 Diagram: Overall ICT Environment This diagram presents an overview of the organisation ICT structure. Backup Site Machadodorp 90 Users Belfast HQ 1984 kbs Internet 1984kbs 1984kbs 1024kbs 10 Users Fritzegerald 512kbs Waterval Boven 10 Users 512kbs Emakhazeni Local Municipality MPLS VPN 512kbs 512kbs Siyathuthu 6 Users Emthonjeni 4 Users Dullstroom 4 Users 20

8. Applications in the Environment Various applications have been identified in the organisation. These are listed below and will be broken down in to two sections. The two sections are those that fall under the control and support of the ICT department and those that live elsewhere in the organisation. 8.1 ICT Department Controlled Applications APPLICATIONS MANUFACTURER USAGE USERS SYSTEM FUNCTION Munsoft Financial Munsoft Software Pty Ltd Daily Finance Is used to managed the finances of the Management System Department Emakhazeni Local Municipality VIP Payroll System Softline Pty Ltd Daily Finance & HR Departments This application is used to administrate the salaries and HR functions such as leave at Emakhazeni Local Municipality CaseWare CaseWare International Weekly Finance (1 User) Application used to financial reporting ESS (VIP) Softline Pty Ltd Daily All Departments Module for users to be able to manage their own HR including leave applications etc. File Data Electronic Mail Service (Zimbra) Untangle. Management Gateway (TMG) Intel Server / CentOS sharing Open Source, Telkom, Lantic, Cisco etc. Daily All Departments All users have home folders on the server with redirection taking place back to the individual workstations Daily All Departments The mail service forms part of an important communication tool in the Emakhazeni Local Municipality. ICT is also used to store contacts and schedule meetings by ICTs users. Open Source Daily All Departments Protects the users from and allows access to the Internet from the Emakhazeni Local Municipality LAN. Other Applications in Organisation APPLICATIONS MANUFACTURER USAGE USERS SYSTEM FUNCTION GIS TGIS N/A Technical GIS system is in PoC / Review phase Services TELKOM OptiCon PRI Telkom N/A All Telephone management system Departments IP Cameras (ICT) N/A Daily ICT Used to monitor Server Room Call Centre Telkom Daily Disaster Management To answer any emergency 21

9. Essential ICT Services Functional components of the environment include: Network (LAN & WAN) The LAN and WAN provides the access layer between end users and the services they require. Firewall Provides the security gateway that manages the internal and external networks. Domain Controller - Active Directory (AD) provides the underlying centralised authorisation and authentication which is used by servers and end users to access various systems and services on the ICT network. Backup Service Service that is used to backup and recovery of data across the environment. IMPORTANT NOTE: ALL SERVERS SHOULD RETAIN THEIR ORGINAL NAMES WHEN DOING THE RECOVERY 9.1 Recovering Essential ICT Services In order to start recovering services, the basic ICT infrastructure needs to be configured and ready for use in order to deploy the recovered systems. These systems will be classified as essential ICT services and are made up of the Network (LAN & WAN), Firewall and Active Directory (AD). As opposed to the essential services mentioned above, there are a few other essential services which are required at the Recovery location as listed below: Secure Environment (New) Power (New) Network (physical) Domain Controller (Networking infrastructure, e.g. DNS, AD, DHCP, WINS) Firewall Network Printing Line Matrix Printer (New) Multi-Function Printers (Must Include Scanner and be Network capable) (New) 22

9.2 Network - Overview The physical network configuration of the network is a flat Layer 2 network. No VLAN s are in use. 9.2.1 Network Architecture & Design The network architecture of Emakhazeni Local Municipality is a Virtual Private Network. All systems are located on eight IP address structure. 9.2.2 Network Functional Components Functional components of the network include: Physical Line (2MB Telkom) This is the primary connection to internet. Router Cisco 1900 This is the router used by the primary connection. Core Switching This handles the uplinks to LAN (Floor Switches) and the server room. Floor Switching The floor Switches allow end users and devices to connect to each other and the core network. Cabling Cabling is in place to link the different Switches and users. Cabinet All equipment is placed in the cabinets. 23

9.2.3 Network Backups Telkom manages the Cisco 1800 and 1900 series router and maintains the backup of the configuration. As there are no VLAN's or other Layer2 or Layer3 actions, the backups of the production Switches are not required. 9.2.4 Network Full Recovery Procedure Procure 4 x 48 port Switches Setup 1 x core Switch Connect 4 x floor Switches to the core Switch in star configuration Start connecting core infrastructure to the network Test access to infrastructure Start connecting users to network to access systems Test user access to systems 9.2.5 Network Component Recovery Procedure PHYSICAL LINE (PRIMARY 2MB CONNECTION) Component Physical Line (circuit number 53-99941-00) Responsible Company / Telkom Department Contact Details: Service Desk 0800 510 000 Actions Emakhazeni LM ICT will log the incident of the line down with the WAN (Telkom) provider to restore the service. When logging the incident an ETA and incident number should be requested. Potential time of service interruption Estimated recovery time: With WAN connectivity and outages due to incidents such as natural disasters, breakages and cable theft, an outage can be anything from a couple of hours to several weeks. Emakhazeni LM does have an SLA on the line, but if the SLA is breached, the conditions only force the WAN provider not to charge for the service during the outage. 3 Days (Best Estimate) ROUTER CISCO 1900 Component CISCO Router 1900 circuit number 53-99941-00 Responsible Company / Telkom Department Contact Details: Service Desk 0800 510 000 Actions Emakhazeni LM ICT will log the incident of the Cisco Router with the WAN (Telkom) provider to investigate & repair. When logging the incident an ETA and incident number should be requested. Potential time of service interruption Estimated recovery time: Dependent on how quick Telkom can swap out the Router and restore the configuration or setup the router. 3 Days (Best Estimate) 24

CORE SWITCH Component Responsible Company / Department Contact Details: Service Desk 3COM Emakhazeni Local Municipality ICT Department N/A Actions Emakhazeni Local Municipality ICT Department to procure new Core Switch. Configure IP address for remote management Send existing failed Switch in for warranty repair, repair or scrap equipment Potential time of service interruption Estimated recovery time This is a service that is managed by Emakhazeni Local Municipality ICT and as such there exists no uptime guarantee. The time to restore is governed by the time to procure Hardware as well as the reinstallation of software 3 Days (Best Estimate) FLOOR SWITCH Component Responsible Company / Department Contact Details: Service Desk Generic Manufacturer Emakhazeni Local Municipality ICT Department N/A Actions Emakhazeni Local Municipality ICT Department to procure new Floor Switch. Install Floor Switch reconnect Switching stack Configure IP address for remote management Send existing failed Switch in for warranty repair, repair or scrap equipment Potential time of service interruption Estimated recovery time This is a service that is managed by Emakhazeni Local Municipality ICT and as such there exists no uptime guarantee. The time to restore is governed by the time to procure Hardware as well as the reinstallation of software 3 Days (Best Estimate) 9.2.6 Network - Risk & Impact Analysis The network is setup with a rudimentary design with low levels of fault tolerance. ESTIMATED SERVICE RESTORATION TIME 3 DAYS OVERAL RISK RATING 10 (MEDIUM) SERVICES COMPONENT IMPACT DESCRIPTION IMPACT LIKELIHOOD RISK RATING ESTIMATED RECOVERY TIME Connectivity Telkom Line No external connectivity (Internet & Email) 5 2 10 (MEDIUM) 3 DAYS Connectivity Telkom Router No external connectivity (Internet & Email) Connectivity DHCP If DHCP is not functional, no computer can get on the network. This is a SPOF since there is only one Switch providing this service 5 2 10 (MEDIUM) 3 DAYS 5 2 10 (MEDIUM) 4 HOURS Connectivity Switch Main Building Users directly 1 1 1 (LOW) 3 DAYS 25

connected to Switch will lose connectivity to the LAN Connectivity Switch Corporate and Community Services Users directly connected to Switch will lose connectivity to the LAN 5 1 5 (LOW) 3 DAYS 9.3 Threat Management Gateway - Overview Threat Management Gateway is not actively used by all users as an application but ICT is an underlying service that protects the network from external and internal threats. ICT further allows for the user management of internet access. 9.3.1 Threat Management Gateway - Architecture & Design The Threat Management Gateway (TMG) is used as the firewall in the organisation. This firewall is what governs and manages the access policies in and out of the environment. The firewall is in line between the external Telkom link and the internal LAN. Internal LAN TMG Internet 9.3.2 Threat Management Gateway Functional Components PHYSICAL DEVICE PHYSICAL LOCATION IP ADDRESS NOTES Untangle Firewall (TMG) Server Room 192.168.30.248 CISCO 1900 - Telkom Router 53-99941-00 Server Room N/A 26

9.3.3 Threat Management Gateway - Backups NDMSVMBGFAPP01 DEVICE IP SERVER ROLE BACKUP GROUP A copy of the latest configuration is backed up on the ELM01 server. This will need to be restored from the C:\TMG Backup files folder in the event of a recovery. BACKUP AGENT VERSION 7.0.1 BACKUP SCHEDULE LAST SUCCESSFUL BACKUP DATA RETENTION PERIOD OFFSICTE DATA RETENTION PERIOD DATA RECOVERY POINT ESTIMATED RESTORE TIME DATA PROTECTED DATA COMPRESSED Application Server EMAKHAZENI LM-SRV\SERVERS Daily backups for this backup set occurs at 19h00 11 June 2013, 19:00 2 months Offsite backups to B-site yet RPO (Recovery Point Objective) 24 hours, we run backups daily 1 Hour Depending on size of data transfer 8.67 GB 7.63 GB SELECTION EXPORT DATE 7 June 2013 9.3.4 Threat Management Gateway Full Recovery Procedure FIREWALL UNTANGLE Component Responsible Company / Department Contact Details: Service Desk Actions Intel Server Emakhazeni Local Municipality ICT Department N/A Backing up the Firewall configuration Resource - http://technet.microsoft.com/en-us/library/cc984454.aspx System requirements for Untangle Resource - http://technet.microsoft.com/en-us/library/dd896981.aspx Secure / procure a server that meets the minimum requirements. (64-bICT, 6GB RAM, Dedicated 6 X 1TB HDD formatted with NTFS file system, 2 x NIC) Ensure the base / core network is operational in order to connect the Untangle server. Install OS and Untangle and ensure ICT s on the same patch / service pack level as the Untangle server being recovered. Restore the Untangle configuration file. This is the XML export that contains the firewall s properties. Import the XML file this restore will reconstruct most configuration details. When importing always select the option to Overwrite the existing configuration. Use the password created when the export of the configuration was done to decrypt the configuration file for Untangle. Ensure the certificates settings are correct, failure to do so will result in the TMG service not starting. Potential time of service interruption Estimated recovery time This is a service that is managed by Emakhazeni Local Municipality ICT Department and as such there exists no external uptime guarantee or SLA. The time to recover is governed by the time to procure the required hardware and the reinstallation of software and the configuration thereof. 3 Days (If the configuration is backed up and the equipment is available) 27

9.3.5 Threat Management Gateway Component Recovery Procedure In the event of component failure replacement parts should be ordered and if need be the above full recovery procedure followed. Threat Management Gateway - Risk & Impact Analysis ESTIMATED SERVICE RESTORATION TIME 3 DAYS OVERAL RISK RATING 5 (LOW) SERVICES COMPONENT IMPACT DESCRIPTION Firewall Service No external connectivity (Internet & Email) Access policies and restrictions not applied IMPACT LIKELIHOOD RISK ESTIMATED RATING RECOVERY TIME 5 1 5 (LOW) 3 DAYS 9.4 Domain Controller (Active Directory / AD) - Overview Active Directory is used by all users and is a crucial underlying component of all systems since ICT provides an authentication and authorisation functionality. Without Active Directory no users will be able to login, and therefore access their applications. 9.4.1 Domain Controller (Active Directory / AD) Functional Components PHYSICAL DEVICE PHYSICAL LOCATION IP ADDRESS NOTES Domain Controller Intel Server Server Room 192.168.30.244 Server 2011 9.4.2 Domain Controller (Active Directory / AD) - Backups An Attix5 agent is loaded on the Active Directory server and backs up the System State of the machine on a daily basis. ELM SERVER DEVICE IP 192.168.30.244 SERVER ROLE BACKUP GROUP BACKUP AGENT VERSION BACKUP SCHEDULE DATA RETENTION PERIOD OFFSITE DATA RETENTION PERIOD DATA RECOVERY POINT ESTIMATED RESTORE TIME Active Directory EMAKHAZENI LM\SERVERS ClearOS Daily backups for this backup set occurs at 19h00 2 months 2 Months RPO (Recovery Point Objective) 24 hours, we run backups daily 1 Hour (depending on size of data) 28

9.4.3 Domain Controller (Active Directory / AD) Full Recovery Procedure ACTIVE DIRECTORY (AD / DOMAIN CONTROLLER) Component Domain Controller Server INTEL SERVER Responsible Company / Department Contact Details: Service Desk Emakhazeni Local Municipality ICT Department N/A Actions Secure / procure a server that meets the minimum requirements. (64-bICT, 6GB RAM, Dedicated 6 X 1TB HDD, 2 x NIC) Install OS, Service Packs and fixes from media Install Attix5 agent and connect account to Storage Platform Restore last backup to original location Then perform System State Restore Ensure server is rebooted as required by Microsoft Potential time of service interruption Estimated recovery time This is a service that is managed by Emakhazeni Local Municipality ICT Department and as such there exists no external uptime guarantee or SLA. The time to recover is governed by the time to procure the required hardware and the reinstallation of software and the configuration thereof. 3 Days (If the configuration is backed up and the equipment is available) 9.4.4 Domain Controller (Active Directory / AD) Component Recovery Procedure ACTIVE DIRECTORY (AD / DOMAIN CONTROLLER) Component Domain Controller Server INTEL SERVER Responsible Company / Department Contact Details: Service Desk Emakhazeni Local Municipality ICT Department N/A Actions Hardware - Log a call with HP to replace the damaged components. Get the incident number from the service operator. Hardware After hardware has been repaired rebuild domain controller from backup if necessary. Follow the Full Recovery Procedure. Software If problem cannot be rectified, rebuild from last available backup using the Full Recovery Procedure. Potential time of service interruption Estimated recovery time This is a service that is managed by Emakhazeni Local Municipality ICT Department and as such there exists no external uptime guarantee or SLA. The time to recover is governed by the time to procure the required hardware and the reinstallation of software and the configuration thereof. 3 Days (If the configuration is backed up and the equipment is available) 9.4.5 Domain Controller (Active Directory / AD) - Risk & Impact Analysis ESTIMATED SERVICE RESTORATION TIME 3 DAYS OVERAL RISK RATING 15 (HIGH) SERVICES COMPONENT IMPACT DESCRIPTION IMPACT LIKELIHOOD RISK RATING ESTIMATED RECOVERY TIME Active Directory Service No authentication 5 3 15 (HIGH) 1 DAY DNS Service Slow or no authentication 5 3 15 (HIGH) 1 DAY Domain Controller Server No authentication 5 3 15 (HIGH) 3 DAYS 29

9.5 Backup Service - Overview The Backup Service provides backups for all the servers at Emakhazeni Local Municipality for backup and disaster recovery purposes. The service provides LAN-based backups with the additional redundancy of a mirror copy of the Data Server data stored offsite at a DR site. This provides access to easy DR procedure testing without disrupting the operational environment and negates the need for tape. 9.6 Backup Service - Architecture & Design The Backup Service is a service that stores backups for all the servers in the organisation. The backup service is a disaster recovery tool that allows the organisation to have daily backups of the servers to assist in the event of data loss. The service also provides offsite backups in the event of disaster on the server that the application resides on. 9.7 Backup Service - Functional Components PHYSICAL DEVICE PHYSICAL LOCATION IP ADDRESS NOTES Database & File Server (Intel Server) Server Room 192.168.31.248 9.7.1 Backup Service - Backups The Attix5 agent is loaded on the Emakhazeni LM backup server to back up the Storage Platform. This backup includes the Account and Report Server. UNTANGLE (INTERNET SERVER) DEVICE IP 192.168.31.248 SERVER ROLE BACKUP GROUP BACKUP AGENT VERSION 7.0.1 BACKUP SCHEDULE DATA RETENTION PERIOD OFFSITE DATA RETENTION PERIOD DATA RECOVERY POINT ESTIMATED RESTORE TIME File / Data Management System EMAKHAZENI LM-SRV\SERVERS Daily backups for this backup set occurs at 19h00 2 months 2 Months RPO (Recovery Point Objective) 24 hours, we run backups daily 1 Hour (Depending on data size) 30

9.7.2 Backup Service Full Recovery Procedure BACKUP SERVICE Component Responsible Company / Department Contact Details: Service Desk Actions INTEL SERVER Emakhazeni Local Municipality ICT Department N/A Components to be restored: Storage Platform database Storage Platform Reports database Stage 1: Task file Backup Server from Mirror Server at Entokozweni Office Requirements: Mirror Server The account GUID The account encryption key Full access to the Storage Server where the backup data resides Write access to the target location where the data must be written Potential time of service interruption Estimated recovery time This is a service that is managed by Emakhazeni Local Municipality ICT Department and as such there exists no external uptime guarantee or SLA. The time to recover is governed by the time to procure the required hardware and the reinstallation of software and the configuration thereof. 3 Days (If the configuration is backed and the equipment is available. Further the complete data restoration time could influence the recovery time due to the amount of data being retrieved and restored) 9.7.3 Backup Service Component Recovery Procedure BACKUP SERVICE Component Responsible Company / Department Contact Details: Service Desk INTEL SERVER Emakhazeni Local Municipality ICT Department N/A Actions Hardware - Log a call to suppliers to replace the damaged components. Hardware After hardware has been repaired and should the Backup Service still not work a rebuild of Server from backup may be necessary. Follow the Full Recovery Procedure in order to restore the Backup Service. Software If problem cannot be rectified, rebuild from last available backup using the Full Recovery Procedure to restore the Backup Service. Emakhazeni Local Municipality ICT Department to make staff available for testing of the Backup Service once ICT has been restored. Potential time of service interruption This is a service that is managed by Emakhazeni Local Municipality ICT Department and as such there exists no external uptime guarantee or SLA. The time to recover is governed by the time to procure the required hardware and the reinstallation of software and the configuration thereof. Estimated recovery time 3 Days (If the configuration is backed and the equipment is available. Further the complete data restoration time could influence the recovery time due to the amount of data being retrieved and restored) 31

9.7.4 Backup Service - Risk & Impact Analysis ESTIMATED SERVICE RESTORATION TIME 3 DAYS OVERAL RISK RATING 15 (HIGH) SERVICES COMPONENT IMPACT DESCRIPTION IMPACT LIKELIHOOD RISK RATING Backup Service No new backups for organisation at Emakhazeni Local Municipality No access to existing backups No access to backup reports No account access to backup platform No data restoration 5 2 10 (MEDIUM) ESTIMATED RECOVERY TIME 1 DAY Backup Server No new backups for organisation at Emakhazeni Local Municipality No access to existing backups No access to backup reports No account access to backup platform No data restoration Potential backup data loss 5 3 15 (HIGH) 3 DAYS 9.8 Antivirus Overview McAfee Enterprise Anti-virus is deployed to ensure a virus free environment. 9.8.1 Antivirus - Architecture & Design The antivirus is setup in a centralised design with a master console. 9.8.2 Antivirus - Functional Components PHYSICAL DEVICE PHYSICAL LOCATION IP ADDRESS NOTES Internet Router (Cisco 1900) Server Room N/A Firewall - Untangle Server Room 192.168.30.248 32

9.8.3 Antivirus - Backups An agent is loaded on the App server which houses the AV application and backs up the AV Databases on the machine. INTERNET SERVER - UNTANGLE DEVICE IP 194.168.30.248 SERVER ROLE BACKUP GROUP BACKUP AGENT VERSION 7.0.1 BACKUP SCHEDULE Application Server EMAKHAZENI LM-SRV\SERVERS LAST SUCCESSFUL BACKUP 11 June 2013, 19:00 DATA RETENTION PERIOD OFFSICTE DATA RETENTION PERIOD DATA RECOVERY POINT ESTIMATED RESTORE TIME Daily backups for this backup set occurs at 19h00 2 months Offsite backups to B-site yet RPO (Recovery Point Objective) 24 hours, we run backups daily 1 Hour ( Depending size of data) 9.8.4 Antivirus - Risk and Impact Analysis ESTIMATED SERVICE RESTORATION TIME 3 DAYS OVERAL RISK RATING 6 (LOW) SERVICES COMPONENT IMPACT DESCRIPTION AV Service Service Computers will not be updated with latest AV patterns, potentially leading to virus infections AV Database Service Computers will not be updated with latest AV patterns, potentially leading to virus infections NDMSVMBGFAPP01 Server Computers will not be updated with latest AV patterns, potentially leading to virus infections IMPACT LIKELIHOOD RISK RATING ESTIMATED RECOVERY TIME 3 1 3 (LOW) 2 DAYS 3 1 3 (LOW) 2 DAYS 3 2 6 (LOW) 3 DAYS 10. System Specific ICT Services 10.1 Mail Service - Overview The mail services is actively used throughout the day between the hours of 7:00 to 18:00. Some users access their email on mobile devices like Smart Phones and Tablets. This usage is generally remote and at all hours of the day or week. 33

10.1.1 Mail Service - Architecture & Design The mail system of Emakhazeni Local Municipality is a locally hosted Microsoft Exchange system. ICT is a single server which does have RAID redundancy on the hard drives. The server is backed up daily via the Attix5 platform. Mail is not spooled and cleaned via any third parties and is delivered to and from Emakhazeni Local Municipality via the mail server directly. The firewall at Emakhazeni Local Municipality is configured to allow for direct access to the mail server via TCP ports 443 and 25. 5 1 4 3 2 Internet 10.1.2 Mail Service - Functional Components DIAGRAM # PHYSICAL DEVICE PHYSICAL LOCATION IP ADDRESS 1 DNS Provider SAIX / Telkom Cloud N/A 2 Internet Router (Cisco 1900) Server Room N/A 3 Firewall - Untangle Server Room 192.168.30.248 4 Untangle Domain Controller Server Room 192.168.30.244 5 CentOS Zimbra Mail Server Room 192.168.30.243 NOTES 10.1.2.1 Authoritative Domains The following domain is associated with the organisation: Emakhazeni lm.co.za 10.1.2.2 Domain Hosting On the dnsadmin.gov.za portal ICT only states the domain is registered and no further WHOIS information is available. 10.1.2.3 Mail Records The email system on the Internet require Zimbra Mail record that is accessible on the public DNS in order to be able to find the Post Office (Mail Server) that is responsible for the delivery of mail destined to a specific addressee (domain) in this instance : mail.emakhazenilm.co.za / zimbra Record for domain: emakhazenilm.local 10.1.2.4 Mail Server Only one mail server is implemented and is located in the server room at Emakhazeni Local Municipality. The name of the server is Virtual Drive - Zimbra 34

10.1.2.5 Client Access Access to E-Mail is via Microsoft Outlook, Outlook Web Access (OWA) as well as Outlook Mobile Access. 10.1.2.6 Inbound Observations No unified E-Mail management service is currently used. (Spooling, archiving, etc.) 10.1.2.7 Outbound Observations No unified E-Mail management service is currently used. (Spooling, archiving, SMTP relay, etc.) 10.1.3 Mail Service - Backups Loaded on the Mail server and backs up the DR Server daily. CentOS - Zimbra DEVICE IP 192.168.30.243 SERVER ROLE BACKUP GROUP BACKUP SCHEDULE Zimbra Server EMAKHAZENI LM\SERVERS LAST SUCCESSFUL BACKUP 11 June 2013, 19:00 DATA RETENTION PERIOD OFFSICTE DATA RETENTION PERIOD DATA RECOVERY POINT ESTIMATED RESTORE TIME Daily backups for this backup set occurs at 19h00 2 months Offsite backups to B-site RPO (Recovery Point Objective) 24 hours, we run backups daily 1 Hour (depending on data size) 10.1.4 Mail Service Recovery Procedures There are two facets to the recovery of the Mail Service. As a disaster can be invoked due to total mail system outage or component outage which affects only a subset of the mail service but can cause the mail service not to function. 10.1.4.1 Mail Service Component Recovery Procedure Component failures are the more general types of service failures to be experienced in an organisation. These failures could be hardware, software, network or connectivity related. EXCHANGE MAIL SERVER Component Responsible Company / Department Contact Details: Service Desk Zimbra Mail Server INTEL SERVER Emakhazeni Local Municipality ICT Department N/A Actions Hardware - Log a call with supplier to replace the damaged components. Hardware After hardware has been repaired and should the Exchange service still not work rebuild Exchange Server from backup if necessary. Follow the Full Recovery Procedure. Software If problem cannot be rectified, rebuild from last available backup using the Full Recovery Procedure. Potential time of service interruption Estimated recovery time This is a service that is managed by Emakhazeni Local Municipality ICT Department and as such there exists no external uptime guarantee or SLA. The time to recover is governed by the time to procure the required hardware and the reinstallation of software and the configuration thereof. 3 Days (If the configuration is backed up and the equipment is available) 35

10.1.5 Mail Service - Risk & Impact Analysis The Mail Service is an important part of the organisation. Mail Services though simple in function are often complex by design and require various other services to function. These include all of the Essential ICT Services in the organisation including the Network, Firewall, and Domain Controller as well as external service providers for the DNS (MX Record) components. ESTIMATED SERVICE RESTORATION TIME 3 DAYS OVERAL RISK RATING 10 (MEDIUM) SERVICES COMPONENT IMPACT DESCRIPTION IMPACT LIKELIHOOD RISK RATING DNS Provider Service MX record affects mail delivery No mail flow out of the organisation ESTIMATED RECOVERY TIME 5 1 5 (LOW) 2 DAYS Exchange Service Service No mail flow internally or externally in the organisation 5 1 5 (LOW) 1 DAY Exchange Server Hardware No mail flow internally or externally in the organisation 5 2 10 (MEDIUM) 3 DAYS 10.2 Munsoft Service - Overview Munsoft is Municipal Financial & Billing software generally used by the Finance Department. As part of the Munsoft service a recovery strategy is in place to assist a Municipality in the event of a disaster. The service includes both backups and DR infrastructure. This process involves making the Application available on the recovery platform at ICTNA or onsite. 10.2.1 Munsoft Service - Architecture & Design Munsoft is one of the financial systems of Emakhazeni Local Municipality and as such is a very important system. 36

10.2.2 Munsoft Service - Functional Components PHYSICAL DEVICE PHYSICAL LOCATION IP ADDRESS NOTES 256k Telkom Line (Circuit 63-19439-66) Server Room N/A CISCO - Router Server Room N/A Provisioned by Telkom as part of the Munsoft MPLS network. IBM - Munsoft Server Room 192.168.30.1 10.2.3 Munsoft Service - Backups Loaded on the App server which houses the VIP application and backs up the Mail Databases of the machine. MUNSOFTDR\EMAKHAZENI LM DEVICE IP 192.168.30.1 USER BACKUP GROUP BACKUP AGENT VERSION 7.0.1 BACKUP SCHEDULE Financial System MUNSOFTDR LAST SUCCESSFUL BACKUP 13 June 2013, 19:00 DATA RETENTION PERIOD OFFSICTE DATA RETENTION PERIOD DATA RECOVERY POINT ESTIMATED RESTORE TIME Daily backups for this backup set occurs at 22h00 2 roll-ups 2 roll-ups RPO (Recovery Point Objective) 24 hours, we run backups daily 12 minutes 10.2.4 Munsoft Service Full Recovery Procedure MUNSOFT SERVICE Component As part of the Munsoft range service Emakhazeni Local Municipality has subscribed to the Munsoft DR Service. This service is provided by Munsoft / ICTNA and covers any DR failure on the financial system. Responsible Company / Department Contact Details: Service Desk IBM Server Emakhazeni Local Municipality ICT Department N/A Actions Emakhazeni Local Municipality ICT Department to call ITNA on 012682-9242 Request to invoke Munsoft Disaster with ICTNA o You will be asked a security question o The operator will issue an incident reference number The service provider will provide you with updates as to the DR recovery progress o Database recovery progress o Restoration of Munsoft Service Emakhazeni Local Municipality to make staff available for testing on the financial system. This should ideally be person from both the Finance and ICT Department Emakhazeni Local Municipality to obtain at minimum 1 x 80 Column Line Matrix Printers, 1 x 136 Column Line Matrix Printer and 1 x High Volume Multi-Function Printer Emakhazeni Local Municipality to make staff available for testing on the financial system. This should ideally be person from both the Finance and ICT Department Post Recovery A new server will be need to be procured Munsoft / ICTNA will re-install and restore the system Further printers to be procured for optimal work distribution by Emakhazeni LM Potential time of service interruption Estimated recovery time There is a service contract in place that would limit potential downtime to a minimum. Downtime can be up to 16 work hours. Next Business Day 37

10.2.5 Munsoft Service Component Recovery Procedure MUNSOFT SERVICE Component Responsible Company / Department Contact Details: Service Desk IBM Server Emakhazeni Local Municipality ICT Department N/A Actions Emakhazeni Local Municipality ICT Department to call ICTNA on 012 682-9242 / 0861 234 862 (Office Hours) Report hardware fault o The operator will issue an incident reference number The service provider will provide you with updates as to the hardware repair o Provide estimated IBM Technician arrival o Provide progress as to hardware repairs from IBM Emakhazeni Local Municipality to make staff available for testing on the financial system. This should ideally be person from both the Finance and ICT Department Post hardware repairs, should the Munsoft service still not work a rebuild of the system may be required. Follow the Full Recovery Procedure. Munsoft / ICTNA will re-install and restore the system if required. Post component (Software or Hardware) failure repair, if a problem cannot be rectified via the replacement component a rebuild from last available backup may be required. This is done using the Full Recovery Procedure provided by Munsoft / ICTNA. Potential time of service interruption Estimated recovery time There is a service contract in place that would limit potential downtime to a minimum. Downtime can be up to 16 work hours. Next Business Day 10.2.6 Munsoft Service - Risk and Impact Analysis ESTIMATED SERVICE RESTORATION 2 DAYS / 16 HOURS TIME OVERAL RISK RATING 5 (LOW) SERVICES COMPONENT IMPACT DESCRIPTION IMPACT LIKELIHOOD RISK RATING ESTIMATED RECOVERY TIME Munsoft Service No access to the financial system 5 1 5 (LOW) 1 DAYS Munsoft - Oracle Service No access to the financial system Database damage would need to be repaired. 5 1 5 LOW) UNKOWN REPAIIR TIME (Could recover to last successful backup) IBM Server Server No access to the financial system 5 1 5 (LOW) Next Business Day (16 HOURS) 10.3 VIP Payroll Overview VIP Payroll Premier is one of the financial systems deployed at Emakhazeni Local Municipality and as such is a very important system. VIP provides NDM with functionalicty to manage HR 38

and Payroll functions. Sage / Softline is the company behind VIP Payroll Premier. The VIP Premier Payroll & HRM system provides one integrated solution for payroll and human resource management. 10.3.1 VIP Payroll Service - Architecture & Design Client PC s Client PC s LAN MFP Client PC s Client PC s 10.3.2 VIP Payroll Service - Functional Components PHYSICAL DEVICE PHYSICAL LOCATION IP ADDRESS NOTES Internet Router (Cisco 1900) Server Room N/A Firewall Server Room 192.168.30.248 Core Switch - (3COM) Server Room N/A VIP Server Room 192.168.30.248 10.3.3 VIP Payroll Service - Backups Loaded on the App server which houses the VIP application and backs up the Mail Databases of the machine. VIP SERVER DEVICE IP 192.168.30.149 39

SERVER ROLE Application Server BACKUP GROUP EMAKHAZENI LM-SRV\SERVERS BACKUP AGENT VERSION 7.0.1 BACKUP SCHEDULE Daily backups for this backup set occurs at 19h00 DATA RETENTION PERIOD 2 months OFFSITE DATA RETENTION PERIOD 192.168.30.149 DATA RECOVERY POINT RPO (Recovery Point Objective) 24 hours, we run backups daily ESTIMATED RESTORE TIME 11 minutes 10.3.4 VIP Payroll Service Full Recovery Procedure VIP PAYROLL SERVICE Component Responsible Company / Department Contact Details: Service Desk INTEL SERVER Emakhazeni Local Municipality ICT Department N/A Actions Secure / procure a server that meets the minimum requirements. Install OS, Service Packs and fixes from media Install Attix5 agent and connect account (EMAKHAZENI LM-SRV\SERVERS\NDMSVMBGFAPP01) to Storage Platform o Restore VIP data to original location (D:\SoftlineVIP\Payroll\Premier\) on server Make a copy of the VIP Premier shortcut on the desktop and rename ICT to e.g. VIP_Emakhazeni LM Right click on VIP_Emakhazeni LM shortcut and click on properties o change target to : D:\SoftlineVIP\Payroll\Premier\wrun32.exe -s -c cblconfi vipsal.acu o change start in to : D:\SoftlineVIP\Payroll\Premier\ Emakhazeni Local Municipality to make staff available for testing on the VIP Payroll financial system. This should ideally be person from both the Finance and ICT Department Note: use the new VIP_ Emakhazeni LM shortcut on the desktop to access VIP Potential time of service interruption Estimated recovery time This is a service that is managed by Emakhazeni Local Municipality ICT Department and as such there exists no external uptime guarantee or SLA. The time to recover is governed by the time to procure the required hardware and the reinstallation of software and the configuration thereof. 3 Days (If the configuration is backed up and the equipment is available) 40

10.3.5 VIP Payroll Service Component Recovery Procedure VIP PAYROLL SERVICE Component Responsible Company / Department Contact Details: Service Desk INTEL SERVER Emakhazeni Local Municipality ICT Department N/A Actions Hardware - Log a call with Supplier to replace the damaged components. Hardware After hardware has been repaired and should the VIP service still not work a rebuild of the Server from backup may be necessary. Follow the Full Recovery Procedure in order to restore the VIP Service. Software If problem cannot be rectified, rebuild from last available backup using the Full Recovery Procedure to restore the VIP service Emakhazeni Local Municipality to make staff available for testing on the VIP Payroll financial system. This should ideally be person from both the Finance and ICT Department Potential time of service interruption Estimated recovery time This is a service that is managed by Emakhazeni Local Municipality ICT Department and as such there exists no external uptime guarantee or SLA. The time to recover is governed by the time to procure the required hardware and the reinstallation of software and the configuration thereof. 3 Days (If the configuration is backed up and the equipment is available) 10.3.6 VIP Payroll Service - Risk and Impact Analysis ESTIMATED SERVICE RESTORATION TIME 3 DAYS OVERAL RISK RATING 6 (LOW) SERVICES COMPONENT IMPACT DESCRIPTION VIP Application & Data Service No finance user will be able to perform work on the VIP Payroll system HR & Payroll services will be interrupted NDMSVMBGFAPP01 Server No finance user will be able to perform work on the VIP Payroll system HR & Payroll services will be interrupted IMPACT LIKELIHOOD RISK RATING ESTIMATED RECOVERY TIME 3 1 3 (LOW) 2 DAYS 3 2 6 (LOW) 3 DAYS 10.4 VIP ESS Service Overview The Premier ESS (Employee Self Service) system is designed to assist with the organisations leave process. This online / web based module integrates with our Sage VIP Premier Payroll and Premier HR systems, allowing your employees to apply for leave online. 41

10.4.1 VIP ESS Service - Architecture & Design The Premier ESS service is installed on the APP and DATABASE server and is connected to the network for the end users to be able to access the web portal located on the APP server. 10.4.2 VIP ESS Service - Functional Components PHYSICAL DEVICE PHYSICAL IP ADDRESS LOCATION VIP ESS Portal Server Room 192.168.30.149 NOTES Domain Controller Server Room 192.168.30.248 10.4.3 VIP ESS Service - Backups The Attix5 agent is loaded on the NDMSVMBGFDAT01 and NDMSVMBGFAPP01 servers where the VIP ESS application is installed. VIP SERVER DEVICE IP 192.168.30.149 SERVER ROLE BACKUP GROUP BACKUP AGENT VERSION 7.0.1 BACKUP SCHEDULE File / Data Management System EMAKHAZENI LM-SRV\SERVERS LAST SUCCESSFUL BACKUP 11 June 2013, 19:00 DATA RETENTION PERIOD OFFSICTE DATA RETENTION PERIOD DATA RECOVERY POINT ESTIMATED RESTORE TIME Daily backups for this backup set occurs at 19h00 2 months Offsite backups to DR-site RPO (Recovery Point Objective) 24 hours, we run backups daily 24 minutes 42

10.4.4 VIP ESS Service Full Recovery Procedure VIP ESS SERVICE Component Responsible Company / Department Contact Details: Service Desk INTEL SERVER Emakhazeni Local Municipality ICT Department N/A Actions Secure / procure a server/s that meets the minimum requirements. VIP ESS Database Server Install OS, Service Packs and fixes from media on server o Restore VIP ESS data to SQL on server o Attach ESS database to SQL VIP ESS Application Server Install OS, Service Packs and fixes from media on server Install IIS service with all components from media Install VIP ESS from media o Follow ESS Configuration Wizard o Add database details (Name, Server, Authentication Details) Test ESS service- Emakhazeni Local Municipality to make staff available for testing on the VIP ESS financial system. This should ideally be persons from both the Finance and ICT Department Potential time of service interruption Estimated recovery time This is a service that is managed by Emakhazeni Local Municipality ICT Department and as such there exists no external uptime guarantee or SLA. The time to recover is governed by the time to procure the required hardware and the reinstallation of software and the configuration thereof. 3 Days (If the configuration is backed up and the equipment is available) 10.4.5 VIP ESS Service Component Recovery Procedure VIP ESS SERVICE Component Responsible Company / Department Contact Details: Service Desk INTEL SERVER Emakhazeni Local Municipality ICT Department N/A Actions Hardware - Log a call with HP to replace the damaged components. Get the incident number from the service operator. Hardware After hardware has been repaired and should the VIP ESS Service still not work a rebuild of the NDMSVMBGFAPP01 or NDMSVMBGFDAT01 Server from backup may be necessary. Follow the Full Recovery Procedure in order to restore the VIP ESS Service. Software If problem cannot be rectified, rebuild eicther or both servers from last available backup using the Full Recovery Procedure to restore the ESS Service. Emakhazeni Local Municipality to make staff available for testing on the VIP ESS financial system. This should ideally be persons from both the Finance and other departments. Potential time of service interruption Estimated recovery time This is a service that is managed by Emakhazeni Local Municipality ICT Department and as such there exists no external uptime guarantee or SLA. The time to recover is governed by the time to procure the required hardware and the reinstallation of software and the configuration thereof. 3 Days (If the configuration is backed up and the equipment is available) 43

10.4.6 VIP ESS Service - Risk and Impact Analysis ESTIMATED SERVICE RESTORATION TIME 3 DAYS OVERAL RISK RATING 6 (LOW) SERVICES COMPONENT IMPACT DESCRIPTION VIP ESS Application Service No end user will be able to perform work on the VIP ESS system HR & Payroll services will be interrupted VIP ESS Data Service No end user will be able to perform work on the VIP ESS system HR & Payroll services will be interrupted NDMSVMBGFAPP01 Server No end user will be able to perform work on the VIP ESS system HR & Payroll services will be interrupted ELM01 Server No end user will be able to perform work on the VIP ESS system HR & Payroll services will be interrupted IMPACT LIKELIHOOD RISK RATING ESTIMATED RECOVERY TIME 3 1 3 (LOW) 2 DAYS 3 1 3 (LOW) 2 DAYS 3 2 6 (LOW) 3 DAYS 3 2 6 (LOW) 3 DAYS 10.5 CaseWare Service - Overview CaseWare is a financial reporting and analysis application used exclusively by the Finance Department. This is a niche system used by few personnel, in Emakhazeni Local Municipality case one (1) the Chief Financial Officer in the Finance Department. 10.5.1 CaseWare Service - Architecture & Design The software is installed on the whom is an end user in the organisation. On the CaseWare software connects to the Munsoft Service to pull data into the models created by the user. These configurations, models and template are stored on the locale machine. 10.5.2 CaseWare Service - Functional Components PHYSICAL DEVICE PHYSICAL LOCATION IP ADDRESS NOTES IBM - Munsoft Server Room 192.186 Data is imported into CaseWare from Munsoft Workstation Finance Office 192.168 Workstation used by Finance Manager. 44

10.5.3 CaseWare Service Full Recovery Procedure CASEWARE SERVICE Component Workstation (Windows 7) Responsible Company / Department Contact Details: Service Desk Emakhazeni Local Municipality ICT Department N/A Actions Secure / procure a workstation / server Install Microsoft OS, Service Packs and fixes from media (Desktop or Server OS) Install Attix5 agent and connect account (EMAKHAZENI LM-PC\COMPUTERS\LPMB01FSALS01) to Storage Platform o Restore CaseWare data to device Install CaseWare from media Restore / copy CaseWare data from local device to new CaseWare folder. Emakhazeni Local Municipality to make staff available for testing on the CaseWare financial system. This should ideally be person from both the Finance (Chief Financial Officer) and ICT Department Potential time of service interruption Estimated recovery time This is a service that is managed by Emakhazeni Local Municipality ICT Department and as such there exists no external uptime guarantee or SLA. The time to recover is governed by the time to procure the required hardware and the reinstallation of software and the configuration thereof. 3 Days (If the configuration is backed up and the equipment is available) 10.5.4 CaseWare Service Component Recovery Procedure CASEWARE SERVICE Component Workstation (Windows 7) Responsible Company / Department Contact Details: Service Desk Emakhazeni Local Municipality ICT Department N/A Actions If the Software for CaseWare is still covered by warranty log a call to request ICT to be repaired. Ensure an incident number is taken from the service provider with an ETA. Post the hardware repair, should the CaseWare service still not work a rebuild of the CaseWare workstation may be required. Ensure that the end users data is backed up along with the CaseWare before such an event ICT under taken. Follow the Full Recovery Procedure in order to restore the CaseWare Service. Emakhazeni Local Municipality to make staff available for testing on the CaseWare financial system. This should ideally be person from both the Finance (Chief Financial Officer) and ICT Department Potential time of service interruption Estimated recovery time This is a service that is managed by Emakhazeni Local Municipality ICT Department and as such there exists no external uptime guarantee or SLA. The time to recover is governed by the time to procure the required hardware and the reinstallation of software and the configuration thereof. 3 Days (If the configuration is backed up and the equipment is available) 45

10.5.5 CaseWare Service - Risk and Impact Analysis ESTIMATED SERVICE RESTORATION TIME 3 DAYS OVERAL RISK RATING 10 (MEDIUM) SERVICES COMPONENT IMPACT DESCRIPTION IMPACT LIKELIHOOD RISK RATING CaseWare Service (Chief Financial Officer) won t be able to use the CaseWare service for reporting 5 2 10 (MEDIUM) ESTIMATED RECOVERY TIME 3 DAYS LPMB01FSALS01 Workstation (Chief Financial Officer) won t be able to use the CaseWare service for reporting 5 2 10 (MEDIUM) 3 DAYS 11. Non-Core Services The following section covers services that were identified in the environment and deemed nonessential or non-core to the Emakhazeni Local Municipality during the development of this report. 11.1 GIS Service (TGIS) TGIS is running a Proof of Concept for their GIS service / software with the Technical Services department. Once the formal go ahead for the permanent use of the service has been given ICT is recommended that the ICT department partake in the take on process should management of the service be handled by Emakhazeni LM ICT. The GIS service should fall in line with the rest of the operating procedures of ICT and during the take-on amendments to the ICT support process should be made to factor in the GIS support. 11.2 IP Cameras Service The IP Cameras that cover the section of the server room is managed by ICT Department. The other cameras in the building fall under Corporate Services. These Cameras stream live and there are no recordings generated or kept. 11.3 Access Control Service The Access Control is managed and maintained by Corporate Services. 11.4 Corporate Printing Service Corporate Services High Volume Printers & Binders used for Agenda s / Minutes / Municipal Tender Documents etc. will be outsourced in the event of a disaster until new equipment is sourced. 11.5 Telephony Services Emakhazeni LM makes use of various Telkom OptiCon PRI which is a service rendered to the Municipality by Telkom. These PRI also make use of Telkom lines for the delivery of voice. OptiCon is a managed telephony service provided by Telkom and as such in the event of an incident Telkom will provide the relevant assistance. 46

12. Annexure 12.1 Software List MANUFACTURER DESCRIPTION TYPE OPEN SOURCE CENTOS Base operating system OS OPEN SOURCE CENTOS Base operating system OS OPEN SOURCE CENTOS Database server software DATABASE VIRTUAL DRIVE ZIMBRA Email, contacts, calendaring software APPLICATION VIRTUAL DRIVE CLEAROS User Account Management Software APPLICATION UNTANGLE Firewall & Antivirus suite software ANTIVIRUS Sage VIP Payroll Premier Payroll software APPLICATION Sage VIP ESS Human Resource & Self-help portal software APPLICATION CaseWare Business Intelligence software APPLICATION 47