Академический Документы
Профессиональный Документы
Культура Документы
IT Disaster Recovery Plan Template By Paul Kirvan, CISA, CISSP, FBCI, CBCP
Revision History
REVISION Original 1.0 DATE NAME DESCRIPTION
Table of Contents
By Paul Kirvan, CISA, CISSP, FBCI, CBCP......................................................................1 Information Technology Statement of Intent.......................................................................5 Policy Statement.................................................................................................................. 5 Objectives ........................................................................................................................... 5 Key Personnel Contact Info................................................................................................. 6 Notification Calling Tree ................................................................................................ 7 External Contacts................................................................................................................. 8 External Contacts Calling Tree......................................................................................10 1 Plan Overview.................................................................................................................11 1.1 Plan Updating...........................................................................................................11 1.2 Plan Documentation Storage....................................................................................11 1.3 Backup Strategy....................................................................................................... 11 1.4 Risk Management.................................................................................................... 11 2 Emergency Response...................................................................................................... 12 2.1 Alert, escalation and plan invocation.......................................................................12 2.1.1 Plan Triggering Events..................................................................................... 12 2.1.2 Assembly Points...............................................................................................12 2.1.3 Activation of Emergency Response Team........................................................12 2.2 Disaster Recovery Team.......................................................................................... 13 2.3 Emergency Alert, Escalation and DRP Activation.................................................. 13 2.3.1 Emergency Alert............................................................................................... 13 2.3.2 DR Procedures for Management.......................................................................14 2.3.3 Contact with Employees................................................................................... 14 2.3.4 Backup Staff......................................................................................................14 2.3.5 Recorded Messages / Updates.......................................................................... 14 2.3.7 Alternate Recovery Facilities / Hot Site........................................................... 14 2.3.8 Personnel and Family Notification................................................................... 14 3 Media.............................................................................................................................. 15 3.1 Media Contact.........................................................................................................15 3.2 Media Strategies......................................................................................................15 3.3 Media Team............................................................................................................. 15 3.4 Rules for Dealing with Media..................................................................................15 4 Insurance ........................................................................................................................ 15 5 Financial and Legal Issues.............................................................................................. 16 5.1 Financial Assessment...............................................................................................16 5.2 Financial Requirements........................................................................................... 16 5.3 Legal Actions........................................................................................................... 16 6 DRP Exercising...............................................................................................................16 Appendix A Technology Disaster Recovery Plan Templates ........................................17
3
Disaster Recovery Plan for <System One>................................................................... 17 Disaster Recovery Plan for <System Two>...................................................................19 Disaster Recovery Plan for Local Area Network (LAN)...............................................21 Disaster Recovery Plan for Wide Area Network (WAN)..............................................23 Disaster Recovery Plan for Remote Connectivity......................................................... 25 Disaster Recovery Plan for Voice Communications..................................................... 27 Appendix B Suggested Forms........................................................................................ 29 Damage Assessment Form.............................................................................................29 Management of DR Activities Form..............................................................................29 Disaster Recovery Event Recording Form.................................................................... 30 Disaster Recovery Activity Report Form...................................................................... 30 Mobilizing the Disaster Recovery Team Form .............................................................31 Mobilizing the Business Recovery Team Form ............................................................31 Monitoring Business Recovery Task Progress Form ....................................................32 Preparing the Business Recovery Report Form ............................................................ 32 Communications Form ..................................................................................................33 Returning Recovered Business Operations to Business Unit Leadership.....................33 Business Process/Function Recovery Completion Form...............................................34
Policy Statement
!orporate management has approved the following policy statement" The company shall develop a comprehensive IT disaster recovery plan. # formal ris$ assessment shall be underta$en to determine the re%uirements for the disaster recovery plan. The disaster recovery plan should cover all essential and critical infrastructure elements, systems and networ$s, in accordance with $ey business activities. The disaster recovery plan should be periodically tested in a simulated environment to ensure that it can be implemented in emergency situations and that the management and staff understand how it is to be e&ecuted. #ll staff must be made aware of the disaster recovery plan and their own respective roles. The disaster recovery plan is to be $ept up to date to ta$e into account changing circumstances.
Objectives
The principal ob'ective of the disaster recovery program is to develop, test and document a well-structured and easily understood plan which will help the company recover as %uic$ly and effectively as possible from an unforeseen disaster or emergency which interrupts information systems and business operations. #dditional ob'ectives include the following" The need to ensure that all employees fully understand their duties in implementing such a plan The need to ensure that operational policies are adhered to within all planned activities The need to ensure that proposed contingency arrangements are cost-effective The need to consider implications on other company sites (isaster recovery capabilities as applicable to $ey customers, vendors and others
*or$ #lternate +obile ,ome -mail #ddress #lternate -mail *or$ #lternate +obile ,ome -mail #ddress #lternate -mail *or$ #lternate +obile ,ome -mail #ddress #lternate -mail *or$ #lternate +obile ,ome -mail #ddress #lternate -mail *or$ #lternate +obile ,ome -mail #ddress #lternate -mail *or$ #lternate +obile ,ome -mail #ddress #lternate -mail
External Contacts
Name, Title Contact Option Contact Number
Landlord / Property Manager #ccount 0umber 0one *or$ +obile ,ome -mail #ddress Power Company #ccount 0umber
Name, Title
Contact Option
Contact Number
83
IT Operations Tech Support - Hardware Tech Support - Software Facilities Management Email Purchasing isaster !ecovery Finance "ontracts #dmin $arehouse % Inventory Product Sales Maintenance Sales Human !esources Testing Fully Mirrored !ecovery site $or&shop Fully Mirrored !ecovery site "all "enter $e' Site
Fully mirrored recovery site Fully mirrored recovery site Fully mirrored recovery site Fully mirrored recovery site Fully mirrored recovery site Fully mirrored recovery site Fully mirrored recovery site Fully mirrored recovery site Fully mirrored recovery site Fully mirrored recovery site Fully mirrored recovery site Fully mirrored recovery site Off-site data storage facility Fully mirrored recovery site Fully mirrored recovery site Fully mirrored recovery site Fully mirrored recovery site
1 . +is) /anagement
There are many potential disruptive threats which can occur at any time and affect the normal business process. *e have considered a wide range of potential threats and the
88
results of our deliberations are included in this section. -ach potential environmental disaster or emergency situation has been e&amined. The focus here is on the level of business disruption which could arise from each type of disaster. 7otential disasters have been assessed as follows"
Potential %isaster Probability +ating Im"act +ating (rief %escri"tion Of Potential Conse0&ences 1 +eme#ial ,ctions
Flood Fire
( (
) )
#ll critical e*uipment is located on +st Floor FM,-- suppression system installed in main computer centers. Fire and smo&e detectors on all floors.
Tornado Electrical storms #ct of terrorism #ct of sa'otage Electrical power failure
/ / / / (
!edundant 0PS array together with auto stand'y generator that is tested wee&ly % remotely monitored ,)12. 0PSs also remotely monitored. Two diversely routed T+ trun&s into 'uilding. $#4 redundancy5 voice networ& resilience
$ Emergency +es"onse
$1 ,lert2 escalation an# "lan invocation
2.1.1 PlanTriggeringEvents
:ey trigger issues at head%uarters that would lead to activation of the (27 are" Total loss of all communications Total loss of power 1looding of the premises ?oss of the building
2.1.2 AssemblyPoints
*here the premises need to be evacuated, the (27 invocation plan identifies two evacuation assembly points" 7rimary @ 1ar end of main par$ing lotA #lternate @ 7ar$ing lot of company across the street
82
be issued a Buic$ 2eference card containing -2T contact details to be used in the event of a disaster. 2esponsibilities of the -2T are to" 2espond immediately to a potential disaster and call emergency servicesA #ssess the e&tent of the disaster and its impact on the business, data center, etc.A (ecide which elements of the (2 7lan should be activatedA -stablish and manage disaster recovery team to maintain vital services and return to normal operationA -nsure employees are notified and allocate responsibilities and activities as re%uired.
$'
This policy and procedure has been established to ensure that in the event of a disaster or crisis, personnel will have a clear understanding of who should be contacted. 7rocedures have been addressed to ensure that communications can be %uic$ly established while activating disaster recovery. The (2 plan will rely principally on $ey members of management and staff who will provide the technical and management s$ills necessary to achieve a smooth technology and business recovery. Duppliers of critical goods and services will continue to support recovery of business operations as the company returns to normal operating mode.
2.3.1 EmergencyAlert
The person discovering the incident calls a member of the -mergency 2esponse Team in the order listed" -mergency 2esponse Team E <<<<<<<<< E <<<<<<<<< E <<<<<<<<< If not available try" E <<<<<<<<< E <<<<<<<<<
83
The -mergency 2esponse Team =-2T> is responsible for activating the (27 for disasters identified in this plan, as well as in the event of any other occurrence that affects the company;s capability to perform normally. ne of the tas$s during the early stages of the emergency is to notify the (isaster 2ecovery Team =(2T> that an emergency has occurred. The notification will re%uest (2T members to assemble at the site of the problem and will involve sufficient information to have this re%uest effectively communicated. The 9usiness 2ecovery Team =92T> will consist of senior representatives from the main business departments. The 92T ?eader will be a senior member of the companyCs management team, and will be responsible for ta$ing overall charge of the process and ensuring that the company returns to normal wor$ing operations as early as possible.
2.3.4 BackupStaff
If a manager or staff member designated to contact other staff members is unavailable or incapacitated, the designated bac$up staff member will perform notification duties.
. Ins&rance
#s part of the company;s disaster recovery and business continuity strategies a number of insurance policies have been put in place. These include errors and omissions, directors I officers liability, general liability, and business interruption insurance. If insurance-related assistance is required following an emergency out of normal business hours, please contact: ____________________________________________
Policy Name Coverage Ty"e Coverage Perio# ,mo&nt Of Coverage Person +es"onsible 3or Coverage Next +enewal %ate
8)
4 $ 3inancial +e0&irements
The immediate financial needs of the company must be addressed. These can include" !ash flow position Temporary borrowing capability 6pcoming payments for ta&es, payroll ta&es, Docial Decurity, etc. #vailability of company credit cards to pay for supplies and services re%uired postdisaster
6 %+P Exercising
(isaster recovery plan e&ercises are an essential part of the plan development process. In a (27 e&ercise no one passes or failsA everyone who participates learns from e&ercises @ what needs to be improved, and how the improvements can be implemented. 7lan e&ercising ensures that emergency teams are familiar with their assignments and, more importantly, are confident in their capabilities. Duccessful (2 plans launch into action smoothly and effectively when they are needed. This will only happen if everyone with a role to play in the plan has rehearsed the role one or more times. The plan should also be validated by simulating the circumstances within which it has to wor$ and seeing what happens.
8.
,""en#ix , 7 Technology %isaster +ecovery Plan Tem"lates %isaster +ecovery Plan for 8System One9
S,ST-M O(-.(%-! P.O/0CT% ON S-.(-. ?ocation" Derver +odel" perating Dystem" !76s" +emory" Total (is$" Dystem ,andle" Dystem Derial J" (0D -ntry" I7 #ddress" ther" 7rovide details
HOT S%T- S-.(-. )PPL%C)T%ONS =6se bold for ,ot Dite> )SSOC%)T-/ S-.(-.S 1-, CONT)CTS ,ardware Kendor Dystem wners (atabase wner #pplication wners Doftware Kendors ffsite Dtorage 2)C10P ST.)T-*, 3O. S,ST-M ON(aily +onthly Buarterly S,ST-M ON/%S)ST-. .-CO(-., P.OC-/0.-
7rovide details 7rovide details 7rovide details 7rovide details 7rovide details 7rovide details
7rovide details Dcenario 8 Total ?oss of (ata 7rovide details Dcenario 2 Total ?oss of ,*
8/
,%%EN%!/ CONT)CTS
3ile Systems 8#ate9 3ile Sy#tem a# o$ 4date5 +inimal file systems to be created and restored from bac$up" L?istM ther critical files to modify 0ecessary directories to create !ritical files to restore Decondary files to restore ther files to restore L7rovide detailsM L7rovide detailsM L7rovide detailsM L7rovide detailsM L7rovide detailsM 3ile#y#tem L7rovide detailsM "byte# 0#ed ) ail 6u#ed Mounted on
85
HOT S%T- S-.(-. )PPL%C)T%ONS =6se bold for ,ot Dite> )SSOC%)T-/ S-.(-.S 1-, CONT)CTS ,ardware Kendor Dystem wners (atabase wner #pplication wners Doftware Kendors ffsite Dtorage 2)C10P ST.)T-*, $or S,ST-M T!O (aily +onthly Buarterly S,ST-M T!O /%S)ST-. .-CO(-., P.OC-/0.-
7rovide details 7rovide details 7rovide details 7rovide details 7rovide details 7rovide details
7rovide details Dcenario 8 Total ?oss of (ata 7rovide details Dcenario 2 Total ?oss of ,*
84
,%%EN%!/ CONT)CTS
3ile Systems 8#ate9 1ile Dystem as of LdateM +inimal file systems to be created and restored from bac$up" L?istM ther critical files to modify 0ecessary directories to create !ritical files to restore Decondary files to restore ther files to restore L7rovide detailsM L7rovide detailsM L7rovide detailsM L7rovide detailsM L7rovide detailsM 3ile#y#tem L7rovide detailsM "byte# 0#ed ) ail 6u#ed Mounted on
23
HOT S%T- S-.(-. )PPL%C)T%ONS =6se bold for ,ot Dite> )SSOC%)T-/ S-.(-.S 1-, CONT)CTS ,ardware Kendor Dystem wners (atabase wner #pplication wners Doftware Kendors ffsite Dtorage 2)C10P ST.)T-*, $or S,ST-M T!O (aily +onthly Buarterly S,ST-M T!O /%S)ST-. .-CO(-., P.OC-/0.-
?ocation" Derver +odel" perating Dystem" !76s" +emory" Total (is$" Dystem ,andle" Dystem Derial J" (0D -ntry" I7 #ddress" ther" 7rovide details
7rovide details 7rovide details 7rovide details 7rovide details 7rovide details 7rovide details
7rovide details Dcenario 8 Total ?oss of (ata 7rovide details Dcenario 2 Total ?oss of ,*
28
,%%EN%!/ CONT)CTS
3ile Systems 8#ate9 1ile Dystem as of LdateM +inimal file systems to be created and restored from bac$up" L?istM ther critical files to modify 0ecessary directories to create !ritical files to restore Decondary files to restore ther files to restore L7rovide detailsM L7rovide detailsM L7rovide detailsM L7rovide detailsM L7rovide detailsM 3ile#y#tem L7rovide detailsM "byte# 0#ed ) ail 6u#ed Mounted on
22
HOT S%T- -70%PM-NT SP-C%)L )PPL%C)T%ONS )SSOC%)T-/ /-(%C-S 1-, CONT)CTS ,ardware Kendor Dystem wners (atabase wner #pplication wners Doftware Kendors ffsite Dtorage 0etwor$ Dervices 2)C10P ST.)T-*, $or S,ST-M T!O (aily +onthly Buarterly S,ST-M T!O /%S)ST-. .-CO(-., P.OC-/0.-
?ocation" (evice Type" +odel 0o." Technical Dpecifications" 0etwor$ Interfaces" 7ower 2e%uirementsA Dystem Derial J" (0D -ntry" I7 #ddress" ther" 7rovide details
7rovide details 7rovide details 7rovide details 7rovide details 7rovide details 7rovide details 7rovide details
7rovide details Dcenario 8 Total ?oss of 0etwor$ 7rovide details Dcenario 2 Total ?oss of ,*
23
,%%EN%!/ CONT)CTS
S&""ort Systems 8#ate9 Dupport system !ritical networ$ assets !ritical interfaces !ritical files to restore !ritical networ$ services to restore ther services L7rovide detailsM L7rovide detailsM L7rovide detailsM L7rovide detailsM L7rovide detailsM L7rovide detailsM
24
HOT S%T- -70%PM-NT SP-C%)L )PPL%C)T%ONS )SSOC%)T-/ /-(%C-S 1-, CONT)CTS ,ardware Kendor Dystem wners (atabase wner #pplication wners Doftware Kendors ffsite Dtorage 0etwor$ Dervices 2)C10P ST.)T-*, $or S,ST-M T!O (aily +onthly Buarterly S,ST-M T!O /%S)ST-. .-CO(-., P.OC-/0.-
?ocation" (evice Type" +odel 0o." Technical Dpecifications" 0etwor$ Interfaces" 7ower 2e%uirementsA Dystem Derial J" (0D -ntry" I7 #ddress" ther" 7rovide details
7rovide details 7rovide details 7rovide details 7rovide details 7rovide details 7rovide details 7rovide details
7rovide details Dcenario 8 Total ?oss of 0etwor$ 7rovide details Dcenario 2 Total ?oss of ,*
2)
,%%EN%!/ CONT)CTS
S&""ort Systems 8#ate9 Dupport system !ritical networ$ assets !ritical interfaces !ritical files to restore !ritical networ$ services to restore ther services L7rovide detailsM L7rovide detailsM L7rovide detailsM L7rovide detailsM L7rovide detailsM L7rovide detailsM
2.
HOT S%T- -70%PM-NT SP-C%)L )PPL%C)T%ONS )SSOC%)T-/ /-(%C-S 1-, CONT)CTS ,ardware Kendor Dystem wners (atabase wner #pplication wners Doftware Kendors ffsite Dtorage 0etwor$ Dervices 2)C10P ST.)T-*, $or S,ST-M T!O (aily +onthly Buarterly S,ST-M T!O /%S)ST-. .-CO(-., P.OC-/0.-
?ocation" (evice Type" +odel 0o." Technical Dpecifications" 0etwor$ Interfaces" 7ower 2e%uirementsA Dystem Derial J" (0D -ntry" I7 #ddress" ther" 7rovide details
7rovide details 7rovide details 7rovide details 7rovide details 7rovide details 7rovide details 7rovide details
7rovide details Dcenario 8 Total ?oss of Dwitch 7rovide details Dcenario 2 Total ?oss of 0etwor$
2/
,%%EN%!/ CONT)CTS
S&""ort Systems 8#ate9 Dupport system !ritical networ$ assets !ritical interfaces !ritical files to restore !ritical networ$ services to restore ther services L7rovide detailsM L7rovide detailsM L7rovide detailsM L7rovide detailsM L7rovide detailsM L7rovide detailsM
25
>>>>>>>>>>>>>
Commencement %ate@Time
Com"letion %ate@Time
+eso&rces Involve#
In Charge
999999999999999999
24
%isaster +ecovery TeamCs <or) Com"lete#? : ate; Event 5og Passe# to (&siness +ecovery Team? : ate;
>>>>>>>>>>>>>>>>>
The report will include" # description of the emergency or incident Those people notified of the emergency =including dates> #ction ta$en by members of the (2T utcomes arising from actions ta$en #n assessment of the impact to normal business operations #ssessment of the effectiveness of the 9!7 and lessons learned ?essons learned >>>>>>>>>>
>>>>>>>>>>>
%escri"tion of Emergency? ate Occurred6 ate $or& of >usiness !ecovery Team "ompleted6
Name of Team /ember Contact %etails Contacte# On :Time @ %ate; (y <hom +es"onse Start %ate +e0&ire#
38
>>>>>>>>>>>>
8. 2. 3. 4. ). .. /.
99999999999
The contents of the report shall include" # description of the incident 7eople notified of the emergency =including dates> #ction ta$en by the business recovery team utcomes arising from actions ta$en
32
#n assessment of the impact to normal business operations 7roblems identified Duggestions for enhancing the disaster recovery andFor business continuity plan ?essons learned
Comm&nications 3orm
It is very important during the disaster recovery and business recovery activities that all affected persons and organizations are $ept properly informed. The information given to all parties must be accurate and timely. In particular, any estimate of the timing to return to normal wor$ing operations should be announced with care. It is also very important that only authorized personnel deal with media %ueries.
Persons Selected To "oordinate "ommunications to #ffected Persons 1 Organi@ations 4ame Position "ontact etails
>>>>>>>>>>>>
>>>>>>>>>>>>
33
I confirm that the wor& of the 'usiness recovery team has 'een completed in accordance with the disaster recovery plan for the a'ove process5 and that normal 'usiness operations have 'een effectively restored. >usiness !ecovery Team 3eader 4ame6 9999999999999999999999999999999999999999 Signature6 9999999999999999999999999999999999999999999999999999999999999999 ate6 99999999999999999999999999 (Any relevant comments by the BRT leader in connection with the return of this business process should be made here.)
I confirm that a'ove 'usiness process is now accepta'le for normal wor&ing conditions. 4ame6 9999999999999999999999999999999999999999999999999999999999999999999 Title6 99999999999999999999999999999999999999999999999999999999999999999999 Signature6 9999999999999999999999999999999999999999999999999999999999999999 ate6 99999999999999999999999999
34