IT DIsasTer recovery PolIcy 1
|
|
- Curtis Short
- 5 years ago
- Views:
Transcription
1 IT Disaster Recovery Policy 1
2 1. PURPOSE An IT recovery strategy plan is necessary to minimize the effect of unexpected and undesirable situations affecting critical information or other parts of the organization s information systems and to recover quickly and effectively as possible from unseen disasters. 2. SCOPE To make sufficient preparations and to establish a set of agreed upon procedures for responding to a disaster or emergency in order to minimize risk in the organization. Ensure that proposed contingency arrangements are time-effective. 3. SAMRAS DRP PROCEDURE Check if mirror was successful to SAMRAS DRP server. If not restore previous successful backup from tape. Backup restoration from tape is as follows: Log in with System account (backup and restore rights) Select new backup and restore script from main menu Type yes for agreement Choose what to restore (payroll, all data etc.) by entering corresponding number. Confirm by typing yes If mirroring is successful, change IP address to by logging in with relevant super user account, use the ifconfig command to edit IP address. Reboot Test the restored installation to determine that it is fully operational. 4. IMIS AND FILE SERVER DRP PROCEDURE (same) Obtain DRP server and set the machines up as temporary server/s. Obtain the Microsoft CD s with the software and application cd s if required. Install the operating systems and load the latest service packs for the operating system to bring it to the required levels as required. Install the Backup software (Backup Exec) Steps 2-4 only if required. Restore image of previous Full and Differential backup(most recent) from NAS device: Open Symantec backup exec Run the restore backup wizard 2
3 5. PROCEDURE ACTIVITY FOR OFFSITE Locate a suitable building as a temporary Computer room. Reroute wireless connection in order to temporarily connect the various municipal sites to the temporary computer room. Obtain network router and network switch hardware from the suppliers, if needed. Obtain Server hardware as needed and set the machines up as temporary server/s Obtain the backup tapes from safe or NAS devices with backup images to restore the server. Obtain the Microsoft CD s with the software required. Obtain the various applications CD s Install the operating systems and load the latest service packs for the operating system to bring it to the required levels as required. Install the Backup software (Backup Exec) Restore backup/image of previous backup. Test the restored installation to determine that it is fully operational 6. Risk Management There are many potential disruptive threats which can occur at any time and affect the normal business process. We have considered a wide range of potential threats and the results of our deliberations are included in this section. Each potential environmental disaster or emergency situation has been examined. The focus here is on the level of business disruption which could arise from each type of disaster. Potential disasters have been assessed as follows: Potential Disaster Probability Rating Impact Rating Brief Description Of Potential Consequences & Remedial Actions Theft/ Vandalism 1 1 Burglar gates, Security camera s and security officer, access control system Fire 1 3 Fire extinguisher installed. Offsite Temporary server room Electrical storms 1 2 Power surge protection plus, UPS installed Data loss 2 3 Backup procedures in place, Backup restore testing procedure, SAMRAS DRP in place Electrical power 1 1 UPSs installed, Power surge Failure Loss of communications network services protection 2 2 Reroute wireless connection through secondary antenna s.(backup antenna s) Probability: 5=Very High, 1=Very Low Impact: 5=Total destruction, 1=Minor annoyance 3
4 7. Emergency Response Plan Triggering Events Key trigger issues at headquarters that would lead to activation of the DRP are: Total loss of all communications Total loss of power Loss of the building Assembly Points Where the premises need to be evacuated, the DRP invocation plan identifies two evacuation assembly points: Primary Main entrance in front of building; Alternate Parking lot of company at the back 8. RECORDING AND MANAGEMENT OF DRP When an incident occurs the DRP must be activated. The IT Department will then decide the extent to which the DRP must be invoked. All IT personnel must be issued a reference with contact details to be used in the event of a disaster. Responsibilities of IT are: IT Department must respond immediately to a potential disaster Assess the extent of the disaster and its impact on the business, data center, etc. DR assessment and management form to be completed Decide which elements of the DR Plan should be activated Establish and manage disaster recovery to maintain services and return to normal operation Ensure employees are notified and allocate responsibilities and activities as required Supplier Contact Info Company, Name, Title Contact Option Contact Number CEO s Technologies (servers) Work Alternate Dries Swanepoel Mobile Address Lynsey Pretorius Alternate lynseyp@ceos.co.za Bytes Technologies (Samras) Work Roland Looser Alternate Mobile Address Roland.looser@bytes.co.za Alternate Samras.support@bytes.co.za TGIS (IMIS) Work Alta Mobile Anancia Mobile Shaun Mobile Anton Mobile
5 Company, Name, Title Contact Option Contact Number Telkom (lines + phones) Work Louis Greyer Mobile Ryk Myburg Mobile Tokkie Meyer Mobile Kendall Mobile Desmond Visagie Mobile Louis Greyer Address geyerl@telkom.co.za Desmond Visagie Alternate visagidm@telkom.co.za URB (servers, , internet, Work network, wireless) Charniel Viljoen Mobile Andries Fourie Mobile Charniel Address charniel@urb.co.za Andries Alternate andries@urb.co.za Personnel Contacts Name, Title Contact Number Gilbert Lategan - Municipal Support Director Petrus Beukes Financial Director Kobus van Zyl Acting Director Corporate Services Hersiening van beleid // Reviewing of policy Hersiening van beleid geskied jaarliks waar wetgewing dit vereis (Council 26/9/2012) The reviewal of policy only be done annually where required by legislation (Council 26/9/2012) Opvolging/Succession Hierdie beleid is ook van toepassing op Siyanda Distrik Munisipaliteit se opvolger in regte. This policy is also relevant to Siyanda District Municipalities successor in law. Approved by:.. Municipal Manager Date Reviewed by Council: 30/08/2012 Amended by Council: 26/09/2012 5
Template. IT Disaster Recovery Planning: A Template
Template IT Disaster Recovery Planning: A Template When disaster strikes, business suffers. A goal of business planning is to mitigate disruption of product and services delivery to the greatest degree
More informationINFORMATION SECURITY- DISASTER RECOVERY
Information Technology Services Administrative Regulation ITS-AR-1505 INFORMATION SECURITY- DISASTER RECOVERY 1.0 Purpose and Scope The objective of this Administrative Regulation is to outline the strategy
More informationIT CONTINUITY, BACKUP AND RECOVERY POLICY
IT CONTINUITY, BACKUP AND RECOVERY POLICY IT CONTINUITY, BACKUP AND RECOVERY POLICY Effective Date May 20, 2016 Cross- Reference 1. Emergency Response and Policy Holder Director, Information Business Resumption
More informationREPORTING INFORMATION SECURITY INCIDENTS
INFORMATION SECURITY POLICY REPORTING INFORMATION SECURITY INCIDENTS ISO 27002 13.1.1 Author: Owner: Organisation: Document No: Chris Stone Ruskwig TruePersona Ltd SP-13.1.1 Version No: 1.0 Date: 1 st
More informationDisaster Recovery Committee. Learning Resource Center Specialist
This document is intended to provide operational procedures and serve as a reference for the Key Information Technology Personnel at Community Higher Ed Disaster Recovery Community Higher Ed Disaster Recovery
More informationInformation Technology Disaster Recovery Planning Audit Redacted Public Report
1200, Scotia Place, Tower 1 10060 Jasper Avenue Edmonton, Alberta T5J 3R8 edmonton.ca/auditor Information Technology Disaster Recovery Planning Audit Redacted Public Report June 12, 2018 City of Edmonton
More informationUniversity of Pittsburgh Security Assessment Questionnaire (v1.7)
Technology Help Desk 412 624-HELP [4357] technology.pitt.edu University of Pittsburgh Security Assessment Questionnaire (v1.7) Directions and Instructions for completing this assessment The answers provided
More informationBUSINESS CONTINUITY PLAN
BUSINESS CONTINUITY PLAN Signed Governor Print Name Date: November 2016 Review: November 2017 1 To provide guidance to school staff, governors and external parties on how to react to disruption major or
More informationAudit & Advisory Services. IT Disaster Recovery Audit 2015 Report Date January 28, 2015
Audit & Advisory Services IT Disaster Recovery Audit 2015 Report Date January 28, 2015 Audit & Advisory Services Mission and Function The JCCC Audit & Advisory Services department provides an independent
More informationBusiness Continuity and Disaster Recovery
Business Continuity and Disaster Recovery Index Section Title 1. Executive Summary 2. Policy Statement 3. Strategy 4. Governance 5. Key Documentation 6. Testing 1 Executive Summary Business Continuity
More informationChecklist: Credit Union Information Security and Privacy Policies
Checklist: Credit Union Information Security and Privacy Policies Acceptable Use Access Control and Password Management Background Check Backup and Recovery Bank Secrecy Act/Anti-Money Laundering/OFAC
More informationData Storage, Recovery and Backup Checklists for Public Health Laboratories
Data Storage, Recovery and Backup Checklists for Public Health Laboratories DECEMBER 2018 Introduction Data play a critical role in the operation of a laboratory information management system (LIMS) and
More informationTARGET2-SECURITIES INFORMATION SECURITY REQUIREMENTS
Target2-Securities Project Team TARGET2-SECURITIES INFORMATION SECURITY REQUIREMENTS Reference: T2S-07-0270 Date: 09 October 2007 Version: 0.1 Status: Draft Target2-Securities - User s TABLE OF CONTENTS
More informationForensics and Active Protection
Forensics and Active Protection Computer and Network Forensics Research Project 2003 Work Update Yanet Manzano Florida State University manzano@cs.fsu.edu manzano@cs.fsu.edu 1 Outline CNF Project Goal
More informationTechnology Disaster Recovery Plan updated 06/16/16
Technology Disaster Recovery Plan updated 06/16/16 Overview In the case of natural or other disaster the district needs to be back in operation and functioning in all areas - business, security, education
More informationTEL2813/IS2820 Security Management
TEL2813/IS2820 Security Management Contingency Planning Jan 22, 2008 Introduction Planning for the unexpected event, when the use of technology is disrupted and business operations come close to a standstill
More informationData Backup and Contingency Planning Procedure
HIPAA Security Procedure HIPAA made Easy Data Backup and Contingency Planning Procedure Please fill in date implemented and updates for your facility: Goal: This document will serve as our back-up storage
More informationAndrew Durant/Ellen Sullivan
AGENDA ITEM: 3.5 INFORMATION MANAGEMENT, TECHNOLOGY AND GOVERNANCE COMMITTEE DATE OF MEETING: 2 OCTOBER 2018 Subject : Approved and Presented by: Prepared by: Other Committees and meetings considered at:
More informationU.S. Department of Health and Human Services (HHS) The Office of the National Coordinator for Health Information Technology (ONC)
U.S. Department of Health and Human Services (HHS) The Office of the National Coordinator for Health Information Technology (ONC) Security Risk Assessment Tool Physical Safeguards Content Version Date:
More informationL18: Integrate Control Disciplines to Increase Control and Save Money
L18: Integrate Control Disciplines to Increase Control and Save Money Kathleen Lucey, FBCI Montague Risk kalucey@montaguetm.com tel: 1.516.676.9234 Connections Information Security (computer security,
More informationBME CLEARING s Business Continuity Policy
BME CLEARING s Business Continuity Policy Contents 1. Introduction 1 2. General goals of the Continuity Policy 1 3. Scope of BME CLEARING s Business Continuity Policy 1 4. Recovery strategies 2 5. Distribution
More informationTable of Contents. Sample
TABLE OF CONTENTS... 1 CHAPTER 1 INTRODUCTION... 4 1.1 GOALS AND OBJECTIVES... 5 1.2 REQUIRED REVIEW... 5 1.3 APPLICABILITY... 5 1.4 ROLES AND RESPONSIBILITIES SENIOR MANAGEMENT AND BOARD OF DIRECTORS...
More information3.3 Understanding Disk Fault Tolerance Windows May 15th, 2007
3.3 Understanding Disk Fault Tolerance Windows May 15th, 2007 Fault tolerance refers to the capability of a computer or network to continue to function when some component fails. Disk fault tolerance refers
More informationICT DISASTER RECOVERY PLAN. FIRST DRAFT: ET 2015#11 (21 October 2015) None to Date
POLICY: ICT DISASTER RECOVERY PLAN FIRST DRAFT: ET 2015#11 (21 October 2015) ADOPTED: BR 2016#01 (16 March 2016) AMENDMENTS: None to Date REVIEW: March 2021 Contents 1.0 Review... 3 2.0 Goal of Disaster
More informationInformation Security Policy
April 2016 Table of Contents PURPOSE AND SCOPE 5 I. CONFIDENTIAL INFORMATION 5 II. SCOPE 6 ORGANIZATION OF INFORMATION SECURITY 6 I. RESPONSIBILITY FOR INFORMATION SECURITY 6 II. COMMUNICATIONS REGARDING
More informationUlster University Policy Cover Sheet
Ulster University Policy Cover Sheet Document Title DATA CENTRE ACCESS POLICY 3.2 Custodian Approving Committee Data Centre & Operations Manager ISD Committee Policy approved date 2017 09 08 Policy effective
More informationData Recovery Policy
Data Recovery Policy The Marketware, Inc. Contingency Plan establishes procedures to recover Marketware, Inc. following a disruption resulting from a disaster. This Disaster Recovery Policy is maintained
More informationHurricane and Storm Commercial Damage Assessment
Hurricane and Storm Commercial Continue to follow all evacuation orders. Stay up-to-date on current hurricane and storm information by visiting the U.S. National Hurricane Center. How to Conduct s:. PREPARE
More informationDisaster Recovery Plan. Serving Community Care College Clary Sage College Oklahoma Technical College
2018 Disaster Recovery Plan Serving Community Care College Clary Sage College Oklahoma Technical College 1 Introduction Information Technology Statement of Intent Policy Statement Objectives Key Personnel
More informationBusiness Continuity Plan Executive Overview
Business Continuity Plan Executive Overview In terms of business continuity and disaster recovery planning, Harland Clarke s mission is to ensure the availability of critical business functions and Information
More informationUCLA AUDIT & ADVISORY SERVICES
UCLA AUDIT & ADVISORY SERVICES Edwin D. Pierce, CPA, CFE Director September 4, 2015 10920 Wilshire Boulevard, Suite 700 Los Angeles, California 90024-1366 310 794-6110 Fax: 310 794-8536 SENIOR VICE PRESIDENT/CHIEF
More informationSHELTERMANAGER LTD CUSTOMER DATA PROCESSING AGREEMENT
SHELTERMANAGER LTD CUSTOMER DATA PROCESSING AGREEMENT AGREEMENT DATED [ ] BETWEEN: (1) SHELTERMANAGER LTD and (2) [ ] ( The Customer ) BACKGROUND (A) (B) (C) This Agreement is to ensure there is in place
More informationContingency Planning
Contingency Planning Introduction Planning for the unexpected event, when the use of technology is disrupted and business operations come close to a standstill Procedures are required that will permit
More informationBUSINESS CONTINUITY PLAN
BUSINESS CONTINUITY PLAN Kerry Pollard Signed Governor Print Name Date: November 2017 Review: November 2018 1 To provide guidance to school staff, governors and external parties on how to react to disruption
More informationDISASTER RECOVERY PRIMER
DISASTER RECOVERY PRIMER 1 Site Faliure Occurs Power Faliure / Virus Outbreak / ISP / Ransomware / Multiple Servers Sample Disaster Recovery Process Site Faliure Data Centre 1: Primary Data Centre Data
More informationDATA BACKUP AND RECOVERY POLICY
DATA BACKUP AND RECOVERY POLICY 4ITP04 Revision 01 TABLE OF CONTENTS 1. REVISION RECORD... 3 2. PURPOSE... 4 3. SCOPE AND APPLICABILITY... 4 4. DEFINITIONS AND ABBREVIATIONS... 4 5. POLICY STATEMENTS...
More informationSECURITY & PRIVACY DOCUMENTATION
Okta s Commitment to Security & Privacy SECURITY & PRIVACY DOCUMENTATION (last updated September 15, 2017) Okta is committed to achieving and preserving the trust of our customers, by providing a comprehensive
More informationOverview Bank IT examination perspective Background information Elements of a sound plan Customer notifications
Gramm-Leach Bliley Act Section 501(b) and Customer Notification Roger Pittman Director of Operations Risk Federal Reserve Bank of Atlanta Overview Bank IT examination perspective Background information
More informationUniversity Information Systems. Administrative Computing Services. Contingency Plan. Overview
University Information Systems Administrative Computing Services Contingency Plan Overview Last updated 01/11/2005 University Information Systems Administrative Computing Services Contingency Plan Overview
More informationBusiness Continuity Policy
Business Continuity Policy Version Number: 3.6 Page 1 of 14 Business Continuity Policy First published: 07-01-2014 Amendment record Version Date Reviewer Comment 1.0 07/01/2014 Debbie Campbell 2.0 11/07/2014
More informationAGENDA ITEM: 3.4 DATE OF MEETING: 3 MAY 2018 INFORMATION MANAGEMENT, TECHNOLOGY & GOVERNANCE COMMITTEE
AGENDA ITEM: 3.4 INFORMATION MANAGEMENT, TECHNOLOGY & GOVERNANCE COMMITTEE DATE OF MEETING: 3 MAY 2018 Subject: Approved and Presented by: Prepared by: Other Committees and meetings considered at: Considered
More informationAljex Software, Inc. Business Continuity & Disaster Recovery Plan. Last Updated: 1/30/2017.
Aljex Software, Inc. Business Continuity & Disaster Recovery Plan Last Updated: 1/30/2017 Table of Contents Introduction... 3 Business Continuity... 3 Employee Structure... 3 On-Site Disruption Procedures...
More informationDemand The Best. A guide to help select an Offsite Information Management Company
Demand The Best A guide to help select an Offsite Information Management Company 2 Because information is vital to the livelihood of your business, it is essential that you make the most knowledgeable
More informationDisaster recovery planning for health care data and HIPAA compliance regulations
Disaster recovery care data and HIPAA compliance regulations Disaster recovery care Disaster recovery planning takes on special importance in health care organizations dealing with patients and care delivery.
More informationINFORMATION SECURITY AND RISK POLICY
INFORMATION SECURITY AND RISK POLICY 1 of 12 POLICY REFERENCE INFORMATION SHEET Document Title Document Reference Number Information Security and Risk Policy P/096/CO/03/11 Version Number V02.00 Status:
More informationINTERNAL AUDIT SERVICES REPORT REF No 2016/ Loch Lomond & The Trossachs National Park Authority General ICT Controls
INTERNAL AUDIT SERVICES REPORT REF No 2016/17-002 Loch Lomond & The Trossachs National Park Authority General ICT Controls INDEX OF CONTENTS Section Contents Page No. 1. Audit Report Summary 3 1.1 General
More informationFIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 12 Contingency Planning
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 12 Contingency Planning Learning Objectives Recognize the need for contingency planning Describe the major components of
More informationASSURING BUSINESS CONTINUITY THROUGH CONTROLLED DATA CENTER
ASSURING BUSINESS CONTINUITY THROUGH CONTROLLED DATA CENTER IT Audit, Information Security & Risk Insight Africa 2014 Johnson Falana CISA,MIT,CEH,Cobit5 proverb814@yahoo.com Overview Information technology
More informationINFORMATION TECHNOLOGY ( IT ) GOVERNANCE FRAMEWORK
INFORMATION TECHNOLOGY ( IT ) GOVERNANCE FRAMEWORK 1. INTRODUCTION The Board of Directors of the Bidvest Group Limited ( the Company ) acknowledges the need for an IT Governance Framework as recommended
More informationNew York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines
New York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines New York Department of Financial Services ( DFS ) Regulation 23 NYCRR 500 requires that entities
More informationSOUTH AFRICAN LIBRARY FOR THE BLIND (SALB)
Name of Institution SOUTH AFRICAN LIBRARY FOR THE BLIND (SALB) Bid Number SALB 2019/01/01 A Description ICT Disaster Recovery and ICT Business Continuity Services to SALB Date Published 20/03/2019 Closing
More informationTrust Services Principles and Criteria
Trust Services Principles and Criteria Security Principle and Criteria The security principle refers to the protection of the system from unauthorized access, both logical and physical. Limiting access
More informationNUIT Tech Talk. Emergency Preparedness. March 1, Sharlene Mielke. Jay Bagley. Disaster Recovery / Business Continuity Coordinator
NUIT Tech Talk Emergency Preparedness March 1, 2011 Sharlene Mielke Disaster Recovery / Business Continuity Coordinator Jay Bagley Distributed Support Specialist Information and Systems Security/Compliance
More information7.16 INFORMATION TECHNOLOGY SECURITY
7.16 INFORMATION TECHNOLOGY SECURITY The superintendent shall be responsible for ensuring the district has the necessary components in place to meet the district s needs and the state s requirements for
More informationIntroduction to Business continuity Planning
Week - 06 Introduction to Business continuity Planning 1 Introduction The purpose of this lecture is to give an overview of what is Business Continuity Planning and provide some guidance and resources
More informationPhysical and Environmental Security Policy Document Number: OIL-IS-POL-PES
Physical and Environmental Security Policy Document Number: OIL-IS-POL-PES Document Details Title Description Version 1.0 Author Classification Physical and Environmental Security Policy Physical and Environmental
More informationPOLLUTION INCIDENT RESPONSE MANAGEMENT PLAN BEREENA QUARRY
TEGRA AUSTRALIA 1 POLLUTION INCIDENT RESPONSE MANAGEMENT PLAN BEREENA QUARRY This Plan remains the property of Tegra Australia, the return of it may be called upon at any time for changes and/or upgrades.
More informationLeveraging ITIL to improve Business Continuity and Availability. itsmf Conference 2009
Leveraging ITIL to improve Business Continuity and Availability Samuel Lo MBA, MSc, CDCP, PMP, CISSP, CISA Data Centre Services Manager COL Limited Strictly Business itsmf Conference 2009 25 February 2009
More informationFlorida State University
Florida State University Disaster Recovery & Business Continuity Planning Overview October 24, 2017 1 Key Readiness Questions Has your department identified the business functions and infrastructure that
More informationBUSINESS CONTINUITY MANAGEMENT PROGRAM OVERVIEW
BUSINESS CONTINUITY MANAGEMENT PROGRAM OVERVIEW EXECUTIVE SUMMARY CenturyLink is committed to ensuring business resiliency and survivability during an incident or business disruption. Our Corporate Business
More informationORA HIPAA Security. All Affiliate Research Policy Subject: HIPAA Security File Under: For Researchers
All Affiliate Research Policy Subject: HIPAA File Under: For Researchers ORA HIPAA Issuing Department: Office of Research Administration Original Policy Date Page 1 of 5 Approved by: May 9,2005 Revision
More informationHIPAA Compliance and OBS Online Backup
WHITE PAPER HIPAA Compliance and OBS Online Backup Table of Contents Table of Contents 2 HIPAA Compliance and the Office Backup Solutions 3 Introduction 3 More about the HIPAA Security Rule 3 HIPAA Security
More information"Charting the Course... Certified Information Systems Auditor (CISA) Course Summary
Course Summary Description In this course, you will perform evaluations of organizational policies, procedures, and processes to ensure that an organization's information systems align with overall business
More informationAfter the Attack. Business Continuity. Planning and Testing Steps. Disaster Recovery. Business Impact Analysis (BIA) Succession Planning
After the Attack Business Continuity Week 6 Part 2 Staying in Business Disaster Recovery Planning and Testing Steps Business continuity is a organization s ability to maintain operations after a disruptive
More informationBusiness continuity management and cyber resiliency
Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International. Business continuity management and cyber resiliency Introductions Eric Wunderlich,
More informationINFORMATION TECHNOLOGY SERVICES DISASTER RECOVERY PLAN
INFORMATION TECHNOLOGY SERVICES DISASTER RECOVERY PLAN Revision History Revision Change Date 1.0 DRAFT Disaster Recovery Plan 8/8/2006 1.1 FINAL Disaster Recovery Plan 10/12/2009 2.0 Reviewed 10/15/2009
More informationAPPENDIX 7. ICT Disaster Recovery Plan
APPENDIX 7 ICT Disaster Recovery Plan This policy was approved and ratified by the Finance and Resources Committee of Cox Green School on 10 th October 2017 Version Authorisation Approval Date Effective
More informationHIPAA Security Checklist
HIPAA Security Checklist The following checklist summarizes the HIPAA Security Rule requirements that should be implemented by both covered entities and business associates. The citations are to 45 CFR
More informationHIPAA Security Checklist
HIPAA Security Checklist The following checklist summarizes the HIPAA Security Rule requirements that should be implemented by both covered entities and business associates. The citations are to 45 CFR
More informationModule 4 STORAGE NETWORK BACKUP & RECOVERY
Module 4 STORAGE NETWORK BACKUP & RECOVERY BC Terminology, BC Planning Lifecycle General Conditions for Backup, Recovery Considerations Network Backup, Services Performance Bottlenecks of Network Backup,
More informationDisaster Recovery Planning Blackout. Katrina
Disaster Recovery 2003 Blackout Before: After: Katrina 1 Sandy Mentor, Ohio Flood Disaster Map 2 It is believed that some of the companies spend up to 25% of their budgets on disaster recovery planning;
More informationStandard: Data Center Security
Standard: Data Center Security Page 1 Executive Summary The university data centers provide for the reliable operation of SJSU s computing systems, computing infrastructure, and communication systems.
More informationMaster Information Security Policy & Procedures [Organization / Project Name]
Master Information Security Policy & Procedures [Organization / Project Name] [Version Number / Date of [Insert description of intended audience or scope of authorized distribution.] Authors: [Names] Information
More informationData Protection Policy
Data Protection Policy Data Protection Policy Version 3.00 May 2018 For more information, please contact: Technical Team T: 01903 228100 / 01903 550242 E: info@24x.com Page 1 The Data Protection Law...
More informationNYDFS Cybersecurity Regulations
SPEAKERS NYDFS Cybersecurity Regulations Lisa J. Sotto Hunton & Williams LLP (212) 309-1223 lsotto@hunton.com www.huntonprivacyblog.com March 9, 2017 The Privacy Team at Hunton & Williams Over 30 privacy
More informationDISASTER RESPONSE & RECOVERY PLANNING. Information Technology Services
DISASTER RESPONSE & RECOVERY PLANNING Information Technology Services Review Frequency: Annual Review Schedule: March 2016 ADDITIONAL DETAILS Vendor list details redacted from this version. Effective:
More informationSecurity+ Guide to Network Security Fundamentals, Third Edition. Chapter 13 Business Continuity
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 13 Business Continuity Objectives Define business continuity Describe the components of redundancy planning List disaster recovery
More informationInformation Systems. Data Protection Disaster recovery Backups
Information Systems Data Protection Disaster recovery Backups Data protection act 1998 - Rights The rights of data subjects People whose personal data is stored are called data subjects. The DPA sets uprights
More informationREGIONAL UTILITY COORDINATION PLAN. Portland, Oregon / Vancouver, Washington Metropolitan Area
REGIONAL UTILITY COORDINATION PLAN Portland, Oregon / Vancouver, Washington Metropolitan Area I. PURPOSE The purpose of this plan is to outline procedures for coordination between local governments and
More informationInformation Services IT Security Policies L. Network Management
Information Services IT Security Policies L. Network Management Version 1.1 Last updated: 11th August 2010 Approved by Directorate: 2nd July 2009 Review date: 1st August 2011 Primary owner of security
More informationEXHIBIT A. - HIPAA Security Assessment Template -
Department/Unit: Date: Person(s) Conducting Assessment: Title: 1. Administrative Safeguards: The HIPAA Security Rule defines administrative safeguards as, administrative actions, and policies and procedures,
More informationTB+ 1.5 Billion+ The OnBase Cloud by Hyland 600,000,000+ content stored. pages stored
the onbase cloud ONBASE CLOUD // Experience Matters The OnBase Cloud by Hyland When it comes to cloud deployments, experience matters. With experience comes more functionality, an established history of
More informationPlease indicate below the principle nature of your department s operations (check all that apply): Student life support.
BUSINESS 2016 A. BUSINESS CONTINUITY PLAN (BCP) To be better prepared, UH personnel and its programs may use this form to complete a Business Continuity Plan (BCP) checklist to describe how your program
More informationDisaster Recovery Planning: Is Your Plan in Place? Presented by: Steve Shofner, CISA, CGEIT
Disaster Recovery Planning: Is Your Plan in Place? Presented by: Steve Shofner, CISA, CGEIT 1 The material appearing in this presentation is for informational purposes only and is not legal or accounting
More informationHIPAA Security and Privacy Policies & Procedures
Component of HIPAA Security Policy and Procedures Templates (Updated for HITECH) Total Cost: $495 Our HIPAA Security policy and procedures template suite have 71 policies and will save you at least 400
More informationCybersecurity Checklist Business Action Items
Cybersecurity Checklist Business Action Items This section provides a thorough (although not all-inclusive or exhaustive) checklist of action items within the three categories for Incident Management (Planning,
More informationData Breach Incident Management Policy
Data Breach Incident Management Policy Policy Number FCP2.68 Version Number 1 Status Draft Approval Date: First Version Approved By: First Version Responsible for Policy Responsible for Implementation
More informationINFORMATION AND COMMUNICATIONS TECHNOLOGY (ICT) DISASTER RECOVERY POLICY AND PROCEDURES
INFORMATION AND COMMUNICATIONS TECHNOLOGY (ICT) DISASTER RECOVERY POLICY AND PROCEDURES Document Control Panel File Reference Number File Name Owner Approver ICT Disaster Recovery-PP-01 ICT Disaster Recovery
More informationApex Information Security Policy
Apex Information Security Policy Table of Contents Sr.No Contents Page No 1. Objective 4 2. Policy 4 3. Scope 4 4. Approval Authority 5 5. Purpose 5 6. General Guidelines 7 7. Sub policies exist for 8
More informationSAS SOLUTIONS ONDEMAND
DECEMBER 4, 2013 Gary T. Ciampa SAS Solutions OnDemand Advanced Analytics Lab Birmingham Users Group, 2013 OVERVIEW SAS Solutions OnDemand Started in 2000 SAS Advanced Analytics Lab (AAL) Created in 2007
More informationWHITE PAPER OCTOBER 2017 VMWARE ENTERPRISE RESILIENCY. Integrating Resiliency into Our Culture and DNA
WHITE PAPER OCTOBER 2017 VMWARE ENTERPRISE RESILIENCY Integrating Resiliency into Our Culture and DNA Table of Contents Executive Summary.... 3 Background.... 4 Charter.................................................................4
More informationData Processing Amendment to Google Apps Enterprise Agreement
Data Processing Amendment to Google Apps Enterprise Agreement The Customer agreeing to these terms ( Customer ) and Google Inc., Google Ireland, or Google Asia Pacific Pte. Ltd. (as applicable, Google
More informationSparta Systems TrackWise Digital Solution
Systems TrackWise Digital Solution 21 CFR Part 11 and Annex 11 Assessment February 2018 Systems TrackWise Digital Solution Introduction The purpose of this document is to outline the roles and responsibilities
More informationMetropolitan Washington Airports Authority PROCUREMENT AND CONTRACTS DEPT. AMENDMENT OF SOLICITATION
Metropolitan Washington Airports Authority PROCUREMENT AND CONTRACTS DEPT. AMENDMENT OF SOLICITATION Metropolitan Washington Airports Authority Procurement and Contracts Dept., MA-29 2733 Crystal Drive
More informationInformation Technology General Control Review
Information Technology General Control Review David L. Shissler, Senior IT Auditor, CPA, CISA, CISSP Office of Internal Audit and Risk Assessment September 15, 2016 Background Presenter Senior IT Auditor
More informationBusiness Continuity Planning
Information Systems Audit and Control Association www.isaca.org Business Continuity Planning AUDIT PROGRAM & INTERNAL CONTROL QUESTIONNAIRE The Information Systems Audit and Control Association With more
More informationPECB Change Log Form
GENERAL INFORMATION Owner / Department* Approver / Department * Training Development Department Quality Assurance Department Date of Approval* 2019-01-09 Course name: Language: New Version: Previous Version:
More informationNORTH AMERICAN SECURITIES ADMINISTRATORS ASSOCIATION Cybersecurity Checklist for Investment Advisers
Identify Protect Detect Respond Recover Identify: Risk Assessments & Management 1. Risk assessments are conducted frequently (e.g. annually, quarterly). 2. Cybersecurity is included in the risk assessment.
More informationMasada College Student Bring Your Own Device (BYOD) Policy Guidelines Years 7-12
Masada College Student Bring Your Own Device (BYOD) Policy Guidelines Years 7-12 1. Introduction Masada College supports the bringing of a computing device to school by all students in Years 7-12 for use
More informationRECORDS MANAGEMENT RECORDS MANAGEMENT SERVICES
RECORDS MANAGEMENT DEPARTMENT OF THE TREASURY, DIVISION OF REVENUE AND ENTERPRISE SERVICES, RECORDS MANAGEMENT SERVICES RECORDS MANAGEMENT SERVICES Records Management Services, Division of Revenue and
More information