Backup and Recovery Standard
This standard defines the minimum controls to ensure that Company’s information is available for critical processing through the implementation of controls ensuring that business information is backed-up and restorable when data on primary processing media is lost or corrupted. This includes the need for processes and procedures that ensure correct and appropriate handling, as well as suitable protection of backed-up media and data such as physical or logical protection measures. In addition, records need to be maintained of the actions taken on backed-up data.
Finally, when disposing of, or considering re-using backup media, care must be taken to protect against the inadvertent or deliberate exposure of Company’s information.
CONTENT
1. OVERVIEW
1.1 PROCEDURE OWNER
1.2 CLASSIFICATION
1.3 APPLICABLE REGULATIONS
1.4 RELATED [COMPANY] NORMS AND PROCEDURES
1.5 OBJECTIVES
1.6 AUDIENCE AND SCOPE
1.7 DOCUMENT SUPPORT
2. DEFINITIONS & ABBREVIATIONS
3. BACKUP OF INFORMATION
4. BACKUP PROCESSES AND PROCEDURES
5. PHYSICAL AND ENVIRONMENTAL SECURITY
6. PROTECTION OF BACKUP MEDIA IN TRANSIT
7. USE OF ENCRYPTION
8. DATA BACKUP AND RETENTION
9. CONTROL OVER REMOVABLE BACKUP MEDIA (MEDIA LIBRARY)
10. RESTORES
11. BACKUP AND RESTORE SUCCESS AND FAILURE
12. DATA RECOVERY FACILITIES
13. DISPOSAL AND RECYCLING
14. COMPLIANCE
15. EXCEPTIONS
16. FINAL CONSIDERATIONS
16.1 DISCIPLINARY ACTIONS AGAINST PROCEDURE VIOLATION
16.2 DOCUMENT REVISION
Pages: 11
Review Backup and Recovery Standard.