SCHEDULE 3.9 TO THE COMPREHENSIVE INFRASTRUCTURE AGREEMENT DISASTER RECOVERY PLAN GUIDELINES



Similar documents
ADDENDUM 5 TO APPENDIX 4 TO SCHEDULE 3.3

The Global Leader in Business Continuity Software and Services (800)

9.0 Data Center Facilities Requirements

DATA RECOVERY SOLUTIONS EXPERT DATA RECOVERY SOLUTIONS FOR ALL DATA LOSS SCENARIOS.

Facilitated By: Ken M. Shaurette, CISSP, CISA, CISM, CRISC FIPCO Director IT Services

Post-Class Quiz: Business Continuity & Disaster Recovery Planning Domain

Business Continuity Management Software

PAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA

Running head: COMPONENTS OF A DISASTER RECOVERY PLAN 1

PBSi Business Continuity Planning

State Agency Cyber Security Survey v October State Agency Cybersecurity Survey v 3.4

How To Prepare For A Disaster

Fundamentals of Business Continuity Planning Have a Plan!

EMERGENCY PREPAREDNESS PLAN Business Continuity Plan

HB A Practitioners Guide to Business Continuity Management

Business Continuity and Disaster Planning

APPENDIX 3 TO SCHEDULE 8.1

Verizon, 911 Service and the June 29, 2012, Derecho

Contingency Planning and Disaster Recovery for BOMA

REQUEST FOR PROPOSALS. Business Continuity Planning Consultant Services APPENDIX C RFP STATEMENT OF WORK EXHIBITS 1-3

Desktop Scenario Self Assessment Exercise Page 1

IT Service Continuity Management PinkVERIFY

ITIL: Foundation (Revision 1.6) Course Overview. Course Outline

Overview of how to test a. Business Continuity Plan

2015 CEO & Board University Taking Your Business Continuity Plan To The Next Level. Tracy L. Hall, MBCP

GAO. Year 2000 Computing Crisis: Business Continuity and Contingency Planning

Implementation Plan for Version 5 CIP Cyber Security Standards

ITIL Foundation for IT Service Management 2011 Edition

Business Continuity / Disaster Recovery Context

Business Continuity Planning

Business Continuity and Emergency Preparedness Planning. Vandita Zachariah, MA, MBA, CIA HHSC Internal Audit Division May 21, 2010

SCHEDULE 25. Business Continuity

How To Manage A Disruption Event

Assurance 360 Performa. Ensuring a Secure, Reliable and High-Performing Control System

Hanh Do, Director, Information System Audit Division, GAA. SUBJECT: Review of HUD s Information Technology Contingency Planning and Preparedness

BUSINESS CONTINUITY: BEST PRACTICE, 2ND EDITION

DRAFT BUSINESS CONTINUITY MANAGEMENT POLICY

Business Continuity Management

Best Practices in Developing an IT Disaster Recovery Plan. Vijaykumar Kulkarni AGM Product Management

I S O I E C I N F O R M A T I O N S E C U R I T Y A U D I T T O O L

Business Continuity Management Governance. Frank Higgins Abu Dhabi March 2015

1. Verzeichnis der ITIL V3 Service Strategy Prozesse

Internal Audit Department NeighborWorks America. Audit Review of the Business Continuity Plan (BCP) Management and Documentation

Shankar Gawade VP IT INFRASTRUCTURE ENAM SECURITIES PVT. LTD.

Business Continuity Plan

Prepared by Rod Davis, ABCP, MCSA November, 2011

CSC AND THE BUSINESS CONTINUITY MATURITY ASSESSMENT PROGRAM

Business Continuity Position Description

SOUTH LAKELAND DISTRICT COUNCIL INTERNAL AUDIT FINAL REPORT IT IT Backup, Recovery and Disaster Recovery Planning

Intel Business Continuity Practices

ERM006 ERM and Business Continuity Management: Together at Last RIMS Annual Conference April 13, 2016

Business Continuity and Disaster Recovery Service & Solutions. Kevin Kelly: President - Agile360 Kevin Burton: President - Burton Asset Management

FISCAL PLAN RESPONSE TO THE AUDITOR GENERAL

B.1 DISASTER RECOVERY

Case Study: Business Continuity Planning for Site- Level Disaster. Kimberley A. Pyles Northrop Grumman Corporation

THE BUSINESS CASE FOR BUSINESS CONTINUITY MANAGEMENT SOFTWARE

A BCP Tale: From Theory to Practice

Service Catalog. it s Managed Plan Service Catalog

Business Continuity Exercise Program (BCEP) Information Packet

ADDENDUM 1 TO APPENDIX 1 TO SCHEDULE 3.3

The PNC Financial Services Group, Inc. Business Continuity Program

SCADA Business Continuity and Disaster Recovery. Presented By: William Biehl, P.E (mobile)

Introduction UNDERSTANDING BUSINESS CONTINUITY MANAGEMENT

NERC Cyber Security. Compliance Consulting. Services. HCL Governance, Risk & Compliance Practice

The PNC Financial Services Group, Inc. Business Continuity Program

Business Continuity Planning and Disaster Recovery Planning

Microsoft Services Premier Support. Security Services Catalogue

ITIL V3 Service Lifecycle Key Inputs and Outputs

Professional Practice Eight - Business Continuity Plan Exercise, Audit, and Maintenance

Service Availability Metrics

Neverfail Solutions for VMware: Continuous Availability for Mission-Critical Applications throughout the Virtual Lifecycle

Building a Disaster Recovery Program By: Stieven Weidner, Senior Manager

Datacenter Migration Think, Plan, Execute

END TO END DATA CENTRE SOLUTIONS COMPANY PROFILE

Security in Space: Intelsat Information Assurance

MHA Consulting. Business Continuity Management 101

Business Continuity Planning Instructions

Office of Inspector General

A Review of the Disaster Recovery Testing Process

BUSINESS CONTINUITY PLANNING AT THE NATIONAL GALLERY OF AUSTRALIA. Erica Persak

Transcription:

SCHEDULE 3.9 TO THE COMPREHENSIVE INFRASTRUCTURE AGREEMENT

Disaster Recovery Plan Guidelines Northrop Grumman will provide a comprehensive disaster recovery plan that incorporates Disaster Recovery Institute International (DRII) standards. The disaster recovery plan codeveloped by VITA and Northrop Grumman, will address the Commonwealth s mission-critical business functionality and processes, and the associated mission critical IT environment as described in the VITA developed Statement of Work. During the first several months of transition, Northrop Grumman will complete a review of the existing Commonwealth s business impact analysis (BIA) and the current disaster recovery plan. Northrop Grumman will collaborate with VITA and the Commonwealth to review and validate the existing business continuity and disaster recovery plan(s) and procedures. Northrop Grumman will take a partnership approach to create and deliver a customized Disaster Recovery Plan to VITA that will include collecting and reviewing available current, existing business impact analyses, business continuity plans, and disaster recovery plans. Working jointly with VITA, Northrop Grumman will collaborate on the current condition and relevance of the existing business impact analysis, business continuity plans, and disaster recovery plans. This method will help define and implement service continuity and disaster recovery standards throughout the Commonwealth. Northrop Grumman will work with VITA to update existing Disaster Recovery Plans for each Commonwealth location requiring disaster recovery services. This includes the existing Richmond Plaza Building, the newly proposed Richmond Enterprise Solutions Center, and any remote agency(s) requiring disaster recovery services. Northrop Grumman will develop a comprehensive recovery process, which includes planning, prevention, preparation, annual testing, and training throughout the lifetime of the mission-critical applications or systems. Each annual disaster recovery exercise will include a Disaster Recovery Exercise Report and Action Plan based on the outcome of the exercise. The Action Plan will address incidents encountered during the recovery exercise, procedural issues, and recommended restoration improvements. The Disaster Recovery Plan will be updated as required after each disaster recovery exercise. Northrop Grumman will incorporate DRII standards and methodologies to improve existing or develop each new Disaster Recovery Plans. The following is an outline of the recovery plan. Develop Disaster Recovery Plan Determine plan development requirements Define continuity management and control requirements Define scope of recovery Identify and define the format and structure of major plan components Draft the recovery plans Define business continuity and crisis management procedures Develop damage assessment/restoration strategy PAGE 1

Develop general introduction or overview Develop administration team documentation Develop business operations team documentation Develop information technology recovery team documentation Develop communication systems plans Develop agency applications plans Implement agency recovery plans by location Establish plan distribution and control procedures Maintain and Exercise Disaster Recovery Plan Establish an exercise program Determine exercise requirements Develop realistic scenarios Establish exercise evaluation criteria and document findings Create an exercise schedule Prepare exercise control plan and reports Facilitate exercises Provide post-exercise reporting Provide feedback and monitor actions resulting from exercise Define plan maintenance scheme and schedule Formulate change control procedures Establish status reporting procedures Audit objectives Emergency Response and Operations Plan Identify components of emergency response procedure Develop detailed emergency response procedures Identify command and control requirements Include command and control procedures Identify emergency response and triage Formulate salvage and restoration approach Public relations and crisis coordination plan Identify and develop a proactive crisis communications program Establish essential crisis communication plans with external agencies as appropriate PAGE 2

Establish essential communications plans with internal and external agencies to keep the information flowing, as appropriate Establish essential crisis communications plans with the media outlets Develop and facilitate exercises for crisis communication plans Coordination with External Agencies Identify applicable laws and regulations governing emergency management Identify and coordinate with agencies supporting business continuity plans Develop and facilitate exercises with external agencies Awareness and Training Programs Define awareness and training objectives Develop and deliver various types of training programs as appropriate by agency Develop disaster recovery awareness programs Identify other opportunities for education Disaster Recovery Plan Automated Tool Using the Commonwealth s business impact analysis report and information obtained through business impact studies conducted by Northrop Grumman, Northrop Grumman will develop Disaster Recovery Plans by agency location throughout the contract period as requested by the Commonwealth. The analysis of this information will provide the Commonwealth and Northrop Grumman the ability to pinpoint critical business applications and the technical infrastructure associated with them. Northrop Grumman will use the following Strohl products to aid in the creation, development and maintenance of the business impact analyses, disaster recovery plans, and emergency management plans. Business Impact Analysis Professional Provides management a detailed picture of financial and operational vulnerabilities, impacts, and recovery strategies Living Disaster Recovery Planning System (LDRPS) to design and create the automated Disaster Recovery Plan(s) Makes Disaster Recovery planning quick and easy, from laying the groundwork to maintaining, through to testing. Incident Manager for Emergency Management planning and documentation Organize information essential to VITA s recovery Coordinate the recovery process across VITA s organization Monitor VITA s recovery Activate business continuity plans PAGE 3

Disaster Recovery Process Lifecycle The Disaster Recovery process lifecycle in Exhibit 1 illustrates Northrop Grumman s continuous improvement process used to maintain accuracy and quality assurance that is built into the IT service continuity and disaster recovery support and services delivery. Using Northrop Grumman s continuous improvement process, Disaster Recovery Plans will be updated using lessons learned reports and action plans derived after each test. At regularly scheduled meetings, Northrop Grumman will solicit disaster recovery change information from the Commonwealth subject matter expects (SMEs) and Northrop Grumman technical teams. The Northrop Grumman disaster recovery Manager will attend technical change meetings to acquire information which may affect recovery of business applications. Northrop Grumman s solution supports the full spectrum of service continuity management and disaster recovery. It includes international best in class DRII standards and methodologies; ITSCM structure and proven practices; and the Strohl business impact analysis, disaster recovery planning, and emergency management toolset to automate and document the solutions. Exhibit 1. The Disaster Recovery Process Lifecycle PAGE 4

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information