This Backup and Recovery Standard defines the minimum controls to ensure that Company’s information is available for critical processing through the implementation of controls ensuring that business information is backed-up and restorable when data on primary processing media is lost or corrupted. This includes the need for processes and procedures that ensure correct and appropriate handling, as well as suitable protection of backed-up media and data such as physical or logical protection measures. In addition, records need to be maintained of the actions taken on backed-up data.
Finally, when disposing of, or considering re-using backup media, care must be taken to protect against the inadvertent or deliberate exposure of Company’s information.
1.1 PROCEDURE OWNER
1.3 APPLICABLE REGULATIONS
1.4 RELATED [COMPANY] NORMS AND PROCEDURES
1.6 AUDIENCE AND SCOPE
1.7 DOCUMENT SUPPORT
2. DEFINITIONS & ABBREVIATIONS
3. BACKUP OF INFORMATION
4. BACKUP PROCESSES AND PROCEDURES
5. PHYSICAL AND ENVIRONMENTAL SECURITY
6. PROTECTION OF BACKUP MEDIA IN TRANSIT
7. USE OF ENCRYPTION
8. DATA BACKUP AND RETENTION
9. CONTROL OVER REMOVABLE BACKUP MEDIA (MEDIA LIBRARY)
11. BACKUP AND RESTORE SUCCESS AND FAILURE
12. DATA RECOVERY FACILITIES
13. DISPOSAL AND RECYCLING
16. FINAL CONSIDERATIONS
16.1 DISCIPLINARY ACTIONS AGAINST PROCEDURE VIOLATION
16.2 DOCUMENT REVISION
The objective of the Making Corporate Information Publicly Available Procedure is to determine whether the disclosure of information is appropriate, to prepare information for disclosure and resolve problems with disclosure processes.
The purpose of this Business Continuity Plan Procedure is to provide an effective, fit-for-purpose, predefined and documented framework and process to enable the Business Continuity Management of the Company’s Mission Critical Activities and their dependencies.