Contingency Planning Template
Project Name:
U.S. Department of Housing and Urban Development
October, 2010
Contingency Planning Template (V1.0)
Notes to the Author
[This document is a template of a Security Approach document for a project. The template includes instructions to the author, boilerplate text, and fields that should be replaced with the values specific to the project.
- Blue italicized text enclosed in square brackets ([text]) provides instructions to the document author, or describes the intent, assumptions and context for content included in this document.
- Blue italicized text enclosed in angle brackets (<text>) indicates a field that should be replaced with information specific to a particular project.
- Text and tables in black are provided as boilerplate examples of wording and formats that may be used or modified as appropriate to a specific project. These are offered only as suggestions to assist in developing project documents; they are not mandatory formats.
When using this template, the following steps are recommended:
1. Replace all text enclosed in angle brackets (e.g., <Project Name>) with the correct field document values. These angle brackets appear in both the body of the document and in headers and footers. To customize fields in Microsoft Word (which display a gray background when selected) select File->Properties->Summary and fill in the appropriate fields within the Summary and Custom tabs. After clicking OK to close the dialog box, update all fields throughout the document by selecting Edit->Select All (or Ctrl-A) and pressing F9. Or you can update each field individually by clicking on it and pressing F9. These actions must be done separately for any fields contained within the document's Header and Footer.
2. Modify boilerplate text as appropriate for the specific project.
3. To add any new sections to the document, ensure that the appropriate header and body text styles are maintained. Styles used for the Section Headings are Heading 1, Heading 2 and Heading 3. Style used for boilerplate text is Body Text.
4. To update the Table of Contents, right-click on it and select Update field and choose the option - Update entire table.
5. Before submission of the first draft of this document, delete this instruction section Notes to the Author and all instructions to the author throughout the entire document.]
Contingency Plan Template (v1.0) Page 2 of 13 [Insert appropriate disclaimer(s)]
Table of Contents
1 INTRODUCTION
1.1 PURPOSE
1.2 BACKGROUND
1.3 APPLICABILITY
1.4 SCOPE
1.4.1 Planning Principles
1.4.2 Assumptions
1.5 REFERENCES/REQUIREMENTS
2 CONCEPT OF OPERATIONS
2.1 SYSTEM DESCRIPTION AND ARCHITECTURE
2.2 LINE OF SUCCESSION
2.3 RESPONSIBILITIES
2.4 TESTING AND MAINTENANCE
2.4.1 Tabletop Testing
2.4.2 Technical Testing
3 NOTIFICATION AND ACTIVATION PHASE
4 RECOVERY OPERATIONS
5 RETURN TO NORMAL OPERATIONS
5.1 ORIGINAL OR NEW SITE RESTORATION
5.2 CONCURRENT PROCESSING
5.3 PLAN DEACTIVATION
Appendix A: Contingency Plan Approval
APPENDIX B: REFERENCES
APPENDIX C: KEY TERMS
APPENDIX D: RELATED DOCUMENTS
1.0 INTRODUCTION

PURPOSE
This <System Name> Contingency Plan establishes procedures to recover the <System Name> following a disruption. The following objectives have been established for this plan:
- Maximize the effectiveness of contingency operations through an established plan that consists of the following phases:
  - Notification/Activation phase to detect and assess damage and to activate the plan
  - Recovery phase to restore temporary IT operations and recover damage done to the original system
  - Reconstitution phase to restore IT system processing capabilities to normal operations.
- Identify the activities, resources, and procedures needed to carry out <System Name> processing requirements during prolonged interruptions to normal operations.
- Assign responsibilities to designated OPDIV personnel and provide guidance for recovering <System Name> during prolonged periods of interruption to normal operations.
- Ensure coordination with other OPDIV staff who will participate in the contingency planning strategies.
- Ensure coordination with external points of contact and vendors who will participate in the contingency planning strategies.

BACKGROUND
This <System Name> Contingency Plan has been developed as required under the Office of Management and Budget (OMB) Circular A-130, Management of Federal Information Resources, Appendix III, November 2000, and the Health Insurance Portability and Accountability Act (HIPAA) Final Security Rule, Section 164.308(a)(7), which requires the establishment and implementation of procedures for responding to events that damage systems containing electronic protected health information.
This <System Name> Contingency Plan is promulgated under the legislative requirements set forth in the Federal Information Security Management Act (FISMA) of 2002 and the guidelines established by the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-34, titled "Contingency Planning Guide for Information Technology Systems" dated June 2002.

APPLICABILITY
The <System Name> Contingency Plan applies to the functions, operations, and resources necessary to restore and resume OPDIV's <System Name> operations as it is installed at <Primary location name, City, State>. The <System Name> Contingency Plan applies to OPDIV and all other persons associated with <System Name> as identified under Section 2.3, Responsibilities.
The <System Name> Contingency Plan is supported by <plan name>, which provides the <purpose of plan>. Procedures outlined in this plan are coordinated with and support the <plan name>, which provides <purpose of plan>.

SCOPE

Planning Principles
Various scenarios were considered to form a basis for the plan, and multiple assumptions were made. The applicability of the plan is predicated on two key principles.
- OPDIV's facility in <City, State>, is inaccessible; therefore, OPDIV is unable to perform <System Name> processing for the Department.
- A valid contract exists with the <alternate site> that designates that site in <City, State>, as the OPDIV's alternate operating facility.
  - OPDIV will use the alternate site building and IT resources to recover <System Name> functionality during an emergency situation that prevents access to the original facility.
  - The designated computer system at the alternate site has been configured to begin processing <System Name> information.
  - The <alternate site> will be used to continue <System Name> recovery and processing throughout the period of disruption, until the return to normal operations.

Assumptions
Based on these principles, the following assumptions were used when developing the IT Contingency Plan.
- The <System Name> is inoperable at the OPDIV computer center and cannot be recovered within 48 hours.
- Key <System Name> personnel have been identified and trained in their emergency response and recovery roles; they are available to activate the <System Name> Contingency Plan.
- Preventive controls (e.g., generators, environmental controls, waterproof tarps, sprinkler systems, fire extinguishers, and fire department assistance) are fully operational at the time of the disaster.
- Computer center equipment, including components supporting <System Name>, are connected to an uninterruptible power supply (UPS) that provides 45 minutes to 1 hour of electricity during a power failure.
- <System Name> hardware and software at the OPDIV <original site> are unavailable for at least 48 hours.
- Current backups of the application software and data are intact and available at the <offsite storage facility>.
- The equipment, connections, and capabilities required to operate <System Name> are available at the <alternate site> in <City, State>.
- Service agreements are maintained with <System Name> hardware, software, and communications providers to support the emergency system recovery.
The <System Name> Contingency Plan does not apply to the following situations:
- Overall recovery and continuity of business operations. The Business Resumption Plan (BRP) and Continuity of Operations Plan (COOP) are appended to the plan.
- Emergency evacuation of personnel. The Occupant Evacuation Plan (OEP) is appended to the plan.
- Any additional constraints should be added to this list.

REFERENCES/REQUIREMENTS
This <System Name> Contingency Plan complies with the OPDIV IT Contingency Planning Policy as follows:
The organization shall develop a contingency planning capability to meet the needs of critical supporting operations in the event of a disruption extending beyond 48 hours. The procedures for execution of such a capability shall be documented in a formal contingency plan and shall be reviewed at least annually and updated as necessary. Personnel responsible for target systems shall be trained to execute contingency procedures. The plan, recovery capabilities, and personnel shall be tested to identify weaknesses of the capability at least annually.
The <System Name> Contingency Plan also complies with the following federal and departmental policies:
- The Computer Security Act of 1987
- OMB Circular A-130, Management of Federal Information Resources, Appendix III, November 2000
- Federal Preparedness Circular (FPC) 65, Federal Executive Branch Continuity of Operations, July 1999
- Presidential Decision Directive (PDD) 67, Enduring Constitutional Government and Continuity of Government Operations, October 1998
- PDD 63, Critical Infrastructure Protection, May 1998
- Federal Emergency Management Agency (FEMA), The Federal Response Plan (FRP), April 1999
- Defense Authorization Act (Public Law 106-398), Title X, Subtitle G, Government Information Security Reform, October 30, 2000
- [Any other applicable federal policies should be added.]
- [Any other applicable departmental policies should be added.]

2.0 CONCEPT OF OPERATIONS

SYSTEM DESCRIPTION AND ARCHITECTURE
[Provide a general description of system architecture and functionality. Indicate the operating environment, physical location, general location of users, and partnerships with external organizations/systems. Include information regarding any other technical considerations that are important for recovery purposes, such as backup procedures. Provide a diagram of the architecture, including security controls and telecommunications connections.]

LINE OF SUCCESSION
OPDIV sets forth an order of succession, in coordination with the order set forth by the Department to ensure that decision-making authority for the <System Name> Contingency Plan is uninterrupted. The Chief Information Officer (CIO), <OPDIV>, is responsible for ensuring the safety of personnel and the execution of procedures documented within this <System Name> Contingency Plan. If the CIO is unable to function as the overall authority or chooses to delegate this responsibility to a successor, the Deputy CIO shall function as that authority. To provide contact initiation should the contingency plan need to be initiated, please use the contact list below.
[Continue description of succession as applicable.]

Contact List
# | Name | Office Phone | Home Phone | Cell Phone | Email
1 and and
2 and and
3 and and
4 and and
5 and and
14 and and

RESPONSIBILITIES
The following teams have been developed and trained to respond to a contingency event affecting the IT system.
The Contingency Plan establishes several teams assigned to participate in recovering <System Name> operations. The is responsible for recovery of the <System Name> computer environment and all applications. Members of the <team name> include personnel who are also responsible for the daily operations and maintenance of <System Name>. The <team leader title> directs the.
[Continue to describe each team, their responsibilities, leadership, and coordination with other applicable teams during a recovery operation.]
The relationships of the team leaders involved in system recovery and their member teams are illustrated in Figure XX below.
[Insert hierarchical diagram of recovery teams. Show team names and leaders; do not include actual names of personnel.]
[Describe each team separately, highlighting overall recovery goals and specific responsibilities. Do not detail the procedures that will be used to execute these responsibilities. These procedures will be itemized in the appropriate phase sections]

TESTING AND MAINTENANCE
The Business Owner and System Developer/Maintainer shall establish criteria for validation/testing of a Contingency Plan, an annual test schedule, and ensure implementation of the test. This process will also serve as training for personnel involved in the plan's execution. At a minimum the Contingency Plan shall be tested annually (within 365 days). The types of validation/testing exercises include tabletop and technical testing. Contingency Plans for all application systems must be tested at a minimum using the tabletop testing process. However, if the application system Contingency Plan is included in the technical testing of their respective support systems that technical test will satisfy the annual requirement.

Tabletop Testing
Tabletop Testing should be conducted in accordance with the CMS Contingency Planning Tabletop Test Procedures.
The primary objective of the tabletop test is to ensure designated personnel are knowledgeable and capable of performing the notification/activation requirements and procedures as outlined in the CP, in a timely manner. The exercises include, but are not limited to:
- Testing to validate the ability to respond to a crisis in a coordinated, timely, and effective manner, by simulating the occurrence of a specific crisis; and
- Crisis communications and call tree verification.

Technical Testing
The primary objective of the technical test is to ensure the communication processes and data storage and recovery processes can function at an alternate site to perform the functions and capabilities of the system within the designated requirements. Technical testing shall include, but is not limited to:
- Process from backup system at the alternate site;
- Restore system using backups; and
- Switch voice and data telecommunications to alternate processing site.

3.0 NOTIFICATION AND ACTIVATION PHASE
This phase addresses the initial actions taken to detect and assess damage inflicted by a disruption to <System Name>. Based on the assessment of the event, the plan may be activated by the <Contingency Planning Coordinator>.
In an emergency, <OPDIV>'s top priority is to preserve the health and safety of its staff before proceeding to the Notification and Activation procedures.
Contact information for key personnel is located in Appendix A. The notification sequence is listed below:
- The first responder is to notify the <Contingency Planning Coordinator>. All known information must be relayed to the <Contingency Planning Coordinator>.
- The <systems manager> is to contact the <Damage Assessment Team> and inform them of the event. The <Contingency Planning Coordinator> is to instruct the Team Leader to begin assessment procedures.
- The <Damage Assessment Team> is to notify team members and direct them to complete the assessment procedures outlined below to determine the extent of damage and estimated recovery time. If damage assessment cannot be performed locally because of unsafe conditions, the <Damage Assessment Team> is to follow the outline below:

Damage Assessment Procedures:
[Detailed procedures should be outlined to include activities to determine the cause of the disruption; potential for additional disruption or damage; affected physical area and status of physical infrastructure; status of IT equipment functionality and inventory, including items that will need to be replaced; and estimated time to repair services to normal operations.]
- Upon notification from the Contingency Planning Coordinator, the Damage Assessment Team Leader is to
- The Damage Assessment Team is to.

Alternate Assessment Procedures:
- Upon notification from the Contingency Planning Coordinator, the <Damage Assessment Team Leader> is to
- <Damage Assessment Team Leader> is to

- When damage assessment has been completed, the <Damage Assessment Team Leader> is to notify the <Contingency Planning Coordinator> of the results.
- The <Contingency Planning Coordinator> is to evaluate the results and determine whether the contingency plan is to be activated and if relocation is required.
- Based on assessment results, the <Contingency Planning Coordinator> is to notify assessment results to civil emergency personnel (e.g., police or fire department) as appropriate.
The Contingency Plan is to be activated if one or more of the following criteria are met:
- <System Name> will be unavailable for more than 48 hours
- Facility is damaged and will be unavailable for more than 24 hours
- Other criteria, as appropriate
If the plan is to be activated, the <Contingency Planning Coordinator> is to notify all Team Leaders and inform them of the details of the event and if relocation is required.
- Upon notification from the <Contingency Planning Coordinator>, Team Leaders are to notify their respective teams. Team members are to be informed of all applicable information and prepared to respond and relocate if necessary.
- The <Contingency Planning Coordinator> is to notify the <off-site storage facility> that a contingency event has been declared and to ship the necessary materials (as determined by damage assessment) to the alternate site.
- The <Contingency Planning Coordinator> is to notify the <alternate site> that a contingency event has been declared and to prepare the facility for the <Organization's> arrival.
- The <Contingency Planning Coordinator> is to notify remaining personnel (via notification procedures) on the general status of the incident.

4.0 RECOVERY OPERATIONS
This section provides procedures for recovering the application at the alternate site, whereas other efforts are directed to repair damage to the original system and capabilities.
The following procedures are for recovering the <System Name> at the alternate site. Procedures are outlined per team required. Each procedure should be executed in the sequence it is presented to maintain efficient operations.

Recovery Goal
[State the first recovery objective as determined by the Contingency Plan. For each team responsible for executing a function to meet this objective, state the team names and list their respective procedures.]
- Team Recovery Procedures
- Team Recovery Procedures
- Team Recovery Procedures

Recovery Goal
[State the second recovery objective as determined by the CP. For each team responsible for executing a function to meet this objective, state the team names and list their respective procedures.]
- Team Recovery Procedures
- Team Recovery Procedures
- Team Recovery Procedures

Recovery Goal
[State the remaining recovery objectives (as determined by the CP). For each team responsible for executing a function to meet this objective, state the team names and list their respective procedures.]

5.0 RETURN TO NORMAL OPERATIONS
This section discusses activities necessary for restoring <System Name> operations at the <OPDIV>'s original or new site. When the computer center at the original or new site has been restored, <System Name> operations at the <alternate site> must be transitioned back. The goal is to provide a seamless transition of operations from the <alternate site> to the computer center.

ORIGINAL OR NEW SITE RESTORATION
[Procedures should be outlined, per necessary team, to restore or replace the original site so that normal operations may be transferred. IT equipment and telecommunications connections should be tested.]
- Team Resumption Procedures
- Team Resumption Procedures

CONCURRENT PROCESSING
[Procedures should be outlined, per necessary team, to operate the system in coordination with the system at the original or new site. These procedures should include testing the original or new system until it is functioning properly and the contingency system is shut down gracefully.]
- Team Resumption Procedures
- Team Resumption Procedures

PLAN DEACTIVATION
[Procedures should be outlined, per necessary team, to clean the alternate site of any equipment or other materials belonging to the organization, with a focus on handling sensitive information. Materials, equipment, and backup media should be properly packaged, labeled, and shipped to the appropriate location(s). Team members should be instructed to return to the original or new site]
- Team Testing Procedures
- Team Testing Procedures

Appendix A: Contingency Plan Approval
The undersigned acknowledge that they have reviewed the <System Name> Contingency Plan and agree with the information presented within this document. Changes to this Contingency Plan will be coordinated with, and approved by, the undersigned, or their designated representatives.
[List the individuals whose signatures are desired. Examples of such individuals are Business Owner, Project Manager (if identified), Designated Approving Authorities and any appropriate stakeholders. Add additional lines for signature as necessary.]

Signature:                Date:
Print Name:
Title:
Role:

Signature:                Date:
Print Name:
Title:
Role:

Signature:                Date:
Print Name:
Title:
Role:

APPENDIX B: REFERENCES
[Insert the name, version number, description, and physical location of any documents referenced in this document. Add rows to the table as necessary.]
The following table summarizes the documents referenced in this document.

Document Name | Description | Location
<Document Name and Version Number> | <Document description> | <URL or Network path where document is located>