Professional Documents
Culture Documents
Model Backup and Recovery Policy
Model Backup and Recovery Policy
Policy
Purpose
Replaces
Commences
<date>
File:
Scope
The policy covers all aspects of Backup and Recovery for Department
data.
Principle
Date
Date
Director General
Date
Approver
Endorser
Aug-2012
1 of 18
Department of . . .
Table of Contents
1.
2.
SUMMARY OF RESPONSIBILITIES............................................................................................. 10
2.1.
2.2.
2.3.
Information Services.......................................................................................................... 10
Department Staff................................................................................................................ 10
Infrastructure Operator....................................................................................................... 10
3.
4.
ver 2011
Page 2 of 18
Department of . . .
1.
Policy
The following principles direct this policy:
proper backup, storage, and handling of data is necessary for the Department to
achieve its objectives efficiently
the Department will act to preserve information relating to its business.
Staff must protect the availability, confidentiality and integrity of Department data.
Policies for Backup and Recovery are:
Policy 1: Department data will be protected by regular backups.
Policy 2: Exceptions to the standard process must be approved by the Director,
Information Services.
Policy 3: Department data created on non-networked workstations must be saved to
the Encrypted Files folder.
Policy 4: The Department will not explicitly or deliberately exclude non-department data
from its backup regime.
Policy 5: Backup copies must be stored in an environmentally protected and access
controlled secure offsite location.
Policy 6: Stored copies must be made available upon authorised request.
Policy 7: A record of the physical movements of all backup copies shall be maintained.
Policy 8: The Infrastructure Operator shall develop procedures for the handling and
storage of information in order to prevent unauthorised disclosure, misuse or
loss.
Policy 9: Backup copies are to be maintained in accordance with the Departments
Retention and Disposal Schedule for backup copies.
Policy 10: All backup media shall be appropriately disposed.
Policy 11: Every quarter the Infrastructure Operator shall report on its ability to recover
data
Policy 12: Department business units are responsible for creating Business Continuity
Plans (BC).
Policy 13: Department business units are responsible for creating Disaster Recovery
Plans.
Policy 14: Business Continuity Plans and Disaster Recovery Plans must be tested to
verify correct operation of processes and adequate restoration of services.
ver 2011
Page 3 of 18
Department of . . .
ver 2011
Page 4 of 18
Department of . . .
2.
ver 2011
Page 5 of 18
Department of . . .
ver 2011
Page 6 of 18
Department of . . .
Storing a Copy
ver 2011
Page 7 of 18
Department of . . .
Accessing a Copy
ver 2011
Page 8 of 18
Department of . . .
c.
d.
e.
f.
g.
h.
i.
2.4.
f.
g.
h.
i.
ver 2011
Page 9 of 18
Department of . . .
2.5.
Periodic Validation
ver 2011
Page 10 of 18
Department of . . .
ver 2011
Page 11 of 18
Department of . . .
3.
Summary of Responsibilities
3.1.
Information Services
Department Staff
Infrastructure Operator
ver 2011
Page 12 of 18
Department of . . .
4.
References
Attachments
a. nil
ver 2011
Page 13 of 18
Department of . . .
5.
Associated Processes
This section is included for convenience, but is not part of the policy.
5.1.
a.
b.
c.
d.
e.
f.
g.
h.
i.
j.
k.
ver 2011
Page 14 of 18
Department of . . .
5.2.
ver 2011
Page 15 of 18
Department of . . .
5.3.
ver 2011
Page 16 of 18
Department of . . .
6.
Approval
Responsible Officer
Position:
File Reference:
9999/9999
Review Date:
2012
ver 2011
Page 17 of 18
Department of . . .
7.
ver 2011
Page 18 of 18