You are on page 1of 17

Backup and Recovery

Policy
Purpose

This policy defines the objectives, accountabilities and application of
backup and recovery for data held in the information and communication
technology environment of the Department of . . .(“Department”).

Replaces

<Previous Policy Document>

Commences

<date>

File:

<file reference or policy number>

Scope

The policy covers all aspects of Backup and Recovery for Department
data.

Principle

The following principles direct this policy:
 proper backup, storage, and handling of data is necessary for the
Department to achieve its objectives efficiently
 the Department will act to preserve information relating to its
business.
 Staff must protect the availability, confidentiality and integrity of
Department data.

Responsibility This policy applies to all employees, contractors, consultants and
authorised users of Department Facilities (“staff”).
Policy breaches may lead to disciplinary and/or legal action.
Custodian
Director, Information Services

Date

Executive Director, Corporate Services

Date

Director General

Date

Approver

Endorser

© Copyright 2011 The State of Western Australia
267966617.doc

Mar-2015

1 of 17

Department of . . .

Backup and Recovery Policy

Table of Contents
1.

POLICIES AND GUIDELINES......................................................................................................... 3
1.1.
1.2.
1.3.
1.4.
1.5.
1.6.

2.

Protecting Department Data................................................................................................. 4
Storing a Copy..................................................................................................................... 6
Accessing a Copy................................................................................................................ 7
Media in Transit.................................................................................................................... 8
Retention and Disposal of Backup Copies...........................................................................8
Periodic Validation............................................................................................................... 8

SUMMARY OF RESPONSIBILITIES............................................................................................. 10
2.1.
2.2.
2.3.

Information Services.......................................................................................................... 10
Department Staff................................................................................................................ 10
Infrastructure Operator....................................................................................................... 10

3.

REFERENCES AND ATTACHMENTS........................................................................................... 11

4.

APPROVAL, DELEGATIONS AND MAINTENANCE....................................................................12

Page 2 of 17

Department of . . .

1.

Backup and Recovery Policy

Policy
The following principles direct this policy:
 proper backup, storage, and handling of data is necessary for the Department to
achieve its objectives efficiently
 the Department will act to preserve information relating to its business.
 Staff must protect the availability, confidentiality and integrity of Department data.
Policies for Backup and Recovery are:
Policy 1: Department data will be protected by regular backups.
Policy 2: Exceptions to the standard process must be approved by the Director,
Information Services.
Policy 3: Department data created on non-networked workstations must be saved to
the Encrypted Files folder.
Policy 4: The Department will not explicitly or deliberately exclude non-department data
from its backup regime.
Policy 5: Backup copies must be stored in an environmentally protected and access
controlled secure offsite location.
Policy 6: Stored copies must be made available upon authorised request.
Policy 7: A record of the physical movements of all backup copies shall be maintained.
Policy 8: The Infrastructure Operator shall develop procedures for the handling and
storage of information in order to prevent unauthorised disclosure, misuse or
loss.
Policy 9: Backup copies are to be maintained in accordance with the Department’s
Retention and Disposal Schedule for backup copies.
Policy 10: All backup media shall be appropriately disposed.
Policy 11: Every quarter the Infrastructure Operator shall report on its ability to recover
data
Policy 12: Department business units are responsible for creating Business Continuity
Plans (BC).
Policy 13: Department business units are responsible for creating Disaster Recovery
Plans.
Policy 14: Business Continuity Plans and Disaster Recovery Plans must be tested to
verify correct operation of processes and adequate restoration of services.

Page 3 of 17

Department of . . .

Backup and Recovery Policy

Page 4 of 17

Department of . . .

2.

Backup and Recovery Policy

Policies and Procedures
2.1.

Protecting Department Data

1. Department data will be protected by regular backups.


‘data’ means any stored information, including:
a. ‘Department data’ which means all Department business related
information created, received or maintained by the Department in the
course of conducting its business activities, including
 ‘systems data’ which means all operating system files,
programmes and configurations
 ‘application data’ which means all application files, programmes
and configurations
 ‘network protocol data’ which means all network files,
programmes, configurations and log files that monitor system
traffic.

‘backup’ means a copy of data for safekeeping in
case the original is lost or damaged, including:
b. ‘incremental backup’ which means the backup of data that has been
altered since the last backup
c. ‘full backup’ which means a backup of all data regardless of whether
files have been altered since the last backup.

‘business day’ means any normal working day
d. ‘non-business day’ and ‘non-working day’ mean a weekend or public
holiday and backups shall be performed the previous business day.

‘Infrastructure Operator’ means the contractor holding
the contract for the support of Department technology infrastructure,
including server, desktop, network and security services management.
.i All Department data, systems data,
application data and network (protocol) data
shall be protected by backup at the end of
each business day.
.ii The backup scheme varies to meet
operational needs, but is generally:
e. servers backed up to a local tape drives are backed up in full each work
day
f. servers that are backed up to a network drive are backed up
incrementally each work day and in full once a week.
.iii The Infrastructure Operator shall develop
procedures to comply with this policy,
including:

Page 5 of 17

Department of . . .

Backup and Recovery Policy

g. all software, whether purchased or developed, is to be protected once
by means of a full backup
h. systems data must be protected with a full backup each work day
i. network protocol data must be protected with a backup each work day
j. application data must be protected with a backup each work day.
.iv The backup scheme for application data is in
general:
k. daily backups for normal office operations are performed out of office
hours Monday through Thursday and can be overwritten one week after
creation
l. daily backups for 24x7 operations are performed Saturday through
Thursday and can be overwritten one week after creation
m. weekly backups are performed out of office hours on Fridays and may
not be overwritten within one month of their creation date.
.v The archive scheme is in general:
n. the end-of-month backup tape is archived and stored indefinitely
o. the year end backup tape is archived and stored indefinitely where the
archive set is
 a complete set of verified, successful end-of-month backups
 taken at both the end of the financial year (to coincide with end-offinancial-year reporting) and at the end of the calendar year.
.vi The retention schedule for backups includes:
p. end of financial year backups must be kept for 7 years for statutory
purposes
q. personnel information shall be kept for 71 years from a person’s date of
birth
.vii The Infrastructure Operator shall maintain a
log of all backups undertaken.
2. Exceptions to the standard process must be approved by the
Director, Information Services.
.viii The approved exception for email is:
a. Email traffic (daily incremental and weekly full backups OR journals) are
retained indefinitely.
3. Department data created on non-networked workstations
must be saved to the Encrypted Files folder.


‘Non-networked workstations’ refers to workstations
that are not always connected to the Department computer system
network.
.ix The Encrypted folder:

Page 6 of 17

Department of . . .

Backup and Recovery Policy

a. is located on the C: drive
b. is the only encrypted directory on a standard workstation.
.x The Encrypted folder is backed up
c. each time a workstation is connected to the Department network
d. after the user is prompted to confirm the backup and selects the ‘OK’
button.
.xi The Encrypted folder cannot be backed up
unless the workstation is connected to the
network.
4. The Department will not explicitly or deliberately exclude
non-department data from its backup regime.


‘Non-department data’ includes all data on
department facilities that is not department data, including
a. personal data
b. temporary files.
.xii Non-department data
c. may be backed up when department data is backed up
d. that is backed up will not be recovered through the recovery process.
2.2.

Storing a Copy

5. Backup copies must be stored in an environmentally
protected and access controlled secure offsite location.


An environmentally protected and access controlled
secure offsite location refers to
a. physical site security
b. physical access
c. storage management.
d.
e.
f.
g.
h.
i.
j.

.xiii Physical site security shall include:
monitored security services, i.e. alarmed to a certified security
organisation
installation of appropriate fire detection devices
secured windows, e.g. bars/alarmed
ram bars across roller doors
a fire rated secured vault for storage of backup copies
relevant Quality Assurance accreditation, including evidence of annual
review
police clearance for all personnel managing the service, with evidence
of bi-annual review.

Page 7 of 17

Department of . . .

Backup and Recovery Policy

.xiv Storage management shall include:
k. security policies and procedures on the retention and retrieval of data
storage
l. justification of cost analysis versus benefits for the storage management
service provided, upon request
m. defined retention periods and storage terms
n. media library management procedures, including contents of media
library
o. verifying integrity of stored media, including measures to detect, prevent
and recover from physical media defects
p. regular audit reviews, including evidence of review and action taken.
.xv Offsite storage management shall comply with
the relevant components of standards such
as:
q. AS/NZS ISO/IEC 27002:2006, ISO/IEC 27002:2005 (Information
technology - Security techniques - Code of Practice for information
security management)
r. AS/NZS ISO/IEC 27001:2006, ISO/IEC 27001:2005 (Information
technology - Security Techniques - Information Security Management
Systems – Requirements)
2.3.

Accessing a Copy

6. Stored copies must be made available upon authorised
request.


The request for stored data must be approved by an
authorised person nominated by Department Management.
.xvi Requests for stored data must include:
a. completion of a form that outlines the specifics of the request, including
what copy is being requested, where and when the requester would like
it delivered and why they are requesting the copy
b. acknowledgement that the backup copy will be returned promptly upon
completion of its use
c. acceptance of a return receipt (to be supplied by the courier) as
evidence that the backup copy has been returned.
7. A record of the physical movements of all backup copies
shall be maintained.


Physical movement of backup copies shall refer to:
a. the initial backup copy data and its transit to storage
b. any movement of backup copies from their storage location to another
location.

Page 8 of 17

Department of . . .

c.
d.
e.
f.
g.
h.
i.
2.4.

Backup and Recovery Policy

.xvii The record of physical movements of backup
media shall include:
all identification information relating to the requested copies
purpose of request
person requesting the copy
authorisation for the request
where the copy will be held while it is out of storage
when the copy was released from storage
when the copy will be returned to storage.
Transporting a Copy

8. The Infrastructure Operator shall develop procedures for the
handling and storage of information in order to prevent
unauthorised disclosure, misuse or loss.
.xviii Media in transit shall be protected from
unauthorised access, misuse or corruption,
including
a. sufficient protection to avoid any physical damage arising during transit
b. packed in accordance with manufacturer’s specifications.
.xix All personnel responsible for the
transportation of backup media shall have:
c. police clearance with evidence of bi-annual review
d. relevant identification
e. relevant authorisation.

f.
g.
h.
i.

.xx Where special controls are required, i.e. to
protect sensitive or critical information, the
following should be considered:
use of a secured container(s)
hand delivery
tamper-evident packaging
in extreme cases, the delivery split and dispatched by separate routes.

Page 9 of 17

Department of . . .

2.5.

Backup and Recovery Policy

Retention and Disposal of Copies

9. Backup copies are to be maintained in accordance with the
Department’s Retention and Disposal Schedule for backup
copies.


The schedule will determine the status of the
information, as whether it can be disposed, cycled back into production
or remain in archive storage.
10. All backup media shall be appropriately disposed.


‘Media’ refers to an object or device, such as a disk
or magnetic tape, on which data is stored.
.xxi Media used
a. by Infrastructure Operator for backup purposes shall be of a high quality
b. for backups must be replaced at appropriate frequency, i.e. every 2
years or as recommended by the media manufacturer.
2.6.

Periodic Validation

11. Every quarter the Infrastructure Operator shall report on its
ability to recover data


The ability to recover data shall be measured by:
a. inspection of the storage facility
b. ability to retrieve backup media sample (copies)
c. a backup recovery exercise.
.xxii The backup media recovery sample shall
include:
d. visual inspection of backup copies and media boxes to ensure
safekeeping and secure transit. Selection should be from various boxes
and include daily and weekly backup copies
e. general comments relating to backup copy conditions
f. random selection of backup copies to measure integrity of stored media.
.xxiii Inspection of the storage facility will culminate
in the creation of a Media Storage
Environmental Report, which includes issues
such as:
g. site security
h. climate control including temperature and humidity
i. date of last fire system review

Page 10 of 17

Department of . . .

Backup and Recovery Policy

j. potential for flood inundation
k. general comments relating to any environmental issues.


The ability to recover data shall be reported to the
Department via the monthly reporting system and in the quarterly
Infrastructure Report.

Page 11 of 17

Department of . . .

3.

Backup and Recovery Policy

Summary of Responsibilities
3.1.

Information Services

Information Services is responsible for:
a. providing adequate operational resources for data backup and testing of
media
b. instructing appropriate staff in data backup and recovery procedures
c. ensuring the data backup and recovery procedures are followed
d. ensuring only authorised people with sufficient knowledge conduct
backup and recovery processes
e. outlining the roles and responsibilities relating to backups in Department
job descriptions
f. establishing measurements to ensure that Service Level Agreement
requirements are met.
3.2.

Department Staff

Department staff are responsible for:
a. Storing department data on the network
b. performing independent backups of Department data stored on
decentralised or non-networked systems.
3.3.

Infrastructure Operator

The Infrastructure Operator is responsible for:
a. developing procedures that conform with this policy
b. maintaining backup and recovery procedures in accordance to changes
to IT systems
c. documenting exceptions in their procedures for event-dependent
backups, such as after the processing of certain transactions or the
execution of programs after system modification
d. ensuring only authorised people make, transmit and restore backups
e. appointing people with sufficient knowledge specifically for the role of
backup and recovery
f. ensuring that documentation regarding backup and recovery processes
is sufficient to allow a substitute to carry out data restoration
g. recovering media from the offsite storage facility, including after hours
h. randomly testing copies to ensure that the information stored on them is
still recoverable
i. recovering lost data reliably and within defined timeframes as per the
Infrastructure Service Level Agreement
j. a process for redressing backup failures
k. reporting to the Department backup failures and corrective action taken
l. providing regular reports on the status of the storage facility and
environment.

Page 12 of 17

Department of . . .

4.

Backup and Recovery Policy

References and Attachments
4.1.

References

a. AS/NZS ISO/IEC 27002:2006, ISO/IEC 27002:2005 (Information
technology - Security techniques - Code of practice for information
security management)
b. AS/NZS ISO/IEC 27001:2006, ISO/IEC 27001:2005 (Information
technology - Security Techniques - Information Security Management
Systems – Requirements).
c. ISO/IEC 22399:2007 Guideline for incident preparedness and
operational continuity management
d. ISO/IEC 24762:2008 Guidelines for information and communications
technology disaster recovery services
4.2.

Attachments

Page 13 of 17

Department of . . .

5.

Backup and Recovery Policy

Associated Processes
This section is included for convenience, but is not part of the policy.
5.1.

Business Continuity plans

12. Department business units are responsible for creating
Business Continuity Plans (BC).


‘Business Continuity’ means the strategy used to
ensure the Department can carry on its functions to a substantial degree
in the face of a major adverse event (such as fire, flood, storm,
explosion, power outage) until recovery of systems is achieved.

a.
b.
c.
d.
e.
f.
g.
h.
i.

j.

k.

.xxiv In preparing Business Continuity Plans, the
Business Units should
Identify scenarios for a range of plausible adverse events
Document internal key personnel, and backups for those persons, and
identify those who can work from remote sites
Document external contacts who can assist in providing alternative
services
Document critical equipment, including non-computer (eg
communications lines, specialist printers) facilities
Identify critical documents
Identify contingency equipment options
Identify contingency locations
Identify possible manual substitutions and workarounds for information
systems
Produce a plan detailing steps to take to maintain business activities,
with responsibilities assigned, where necessary adjusting the steps for
the different scenarios
Put the information together, and store it in multiple repositories that will
still be available if systems are down or there is limited access to
worksites
Communicate these plans and make them available to staff.


Information Services will assist business units with
the information, communication and technology aspects of their
business continuity plans.

Page 14 of 17

Department of . . .

5.2.

Backup and Recovery Policy

Disaster recovery plans

13. Department business units are responsible for creating
Disaster Recovery Plans.


‘Disaster’ means a major event that causes a
significant proportion of the Department’s information systems to
become unavailable, or to lose some degree of functionality, for a
significant period of time.

‘Recovery’ means the process of restoring
information system functions to a degree that allows the Department to
carry out its functions at an acceptable level within an agreed timeframe.
.xxv The Disaster Recovery Plan (DRP) should be
prepared by the Disaster Recovery
Committee, which should include
representatives from all critical sections or
areas of the department's functions.
a.
b.
c.
d.
e.
f.
g.

.xxvi The DRP must specify
Membership of the Disaster Recovery committee (in terms of job roles)
Each person’s DR functions, especially the job title or the person to be
named as Recovery Coordinator
Criteria for defining levels of disaster, especially what level of
interruption requires activation of the disaster plan
Communication methods to be used
Training required, immediate and ongoing, in terms of skills needed to
perform disaster recovery
Which information services will need to be restored, in what order and to
what level of functionality
What resources need to be, and have been, set aside in terms of
 duplicate equipment
 data backups
 physical locations available for personnel and equipment
 where extra specialist personnel will be obtained
 what contracts are in place for this.


Information Services will assist business units with
the information, communication and technology aspects of their disaster
recovery plans.

Page 15 of 17

Department of . . .

5.3.

Backup and Recovery Policy

Testing Disaster Recovery and Continuity Plans

14. Business Continuity Plans and Disaster Recovery Plans
must be tested to verify correct operation of processes and
adequate restoration of services.
.xxvii The Department’s DRP and BCP must be
a. tested at regular intervals to ensure that they remain relevant and
effective.
b. periodically updated and maintained to adjust for new and changed
systems, infrastructure and circumstances.


Information Services will assist business units with
the information, communication and technology aspects of testing and
validation.

Page 16 of 17

Department of . . .

6.

Backup and Recovery Policy

Approval, Delegations and Maintenance
6.1.

Approval

Executive Director, Corporate Services
Name:
Signature:
Date:
6.2.

Maintenance and Review

Responsible Officer
Position:

Director, Information Services

File Reference:

9999/9999

Review Date:

2012

Page 17 of 17