OUHSC Information Technology Department |
Resource and Data Recovery: Supporting documents: Full policy Information system resource and data owners must establish, test and revise, and implement as needed resource and data recovery plans and procedures to ensure business continuity and the ability to restore any loss of sensitive information system resources or data. At a minimum, these recovery plans must include:
Information system resource and data owners must create and document a disaster recovery plan and procedures to recover its information systems, resources, and data in the event of a disaster. Information system resource and data owners must create and document contingency plans and procedures for responding to an emergency or other incident which may occur (for example: vandalism, theft, system or power failure) during a disaster or as a random event. Information system resource and data owners must create and document an emergency operations plan and procedures for the protection of sensitive data during a disaster, emergency or other occurrence which may impact the protection of sensitive data. The emergency operations plan must reasonably ensure all sensitive data is protected prior to, during, and after the implementation/completion of any recovery plan or procedure. Information system resource and data owners must establish a data backup plan and procedures to ensure exact copies of sensitive data are created, maintained, and available for the restoration of any loss. A testing and revision plan must be established and implemented to ensure the periodic testing of recovery plans and related procedures. This plan should define the cycle and scope of the tests, training of those involved, and the type of tests performed (exercise or real operational scenario) based on acceptable business impact for testing. Employees must receive regular training on these plans and procedures and have access to a current copy at all times. An appropriate number of copies of the plans and procedures must be kept off-site. |
|
Copyright © 2006 The Board of Regents of the University of Oklahoma, All Rights Reserved.- Disclaimer | Copyright |