Академический Документы
Профессиональный Документы
Культура Документы
AND
FOR BRANCHES
Version 1.0
CBD BELAPUR
NAVI MUMBAI
FOREW ORD
Bank has come a long way in bringing the branches of the group under
Core Banking Solution, which stands at 7428 as on date, SBI
accounting for 2706 and the Associate Banks at 4722. Bank has an
ambitious plan to bring in all the branches of the group under Core
Banking Solution shortly. Having taken such an important IT initiative,
it is imperative that we place suitable systems for Disaster Recovery
Plan (DRP) and Business Continuity Plan (BCP) for the Core Banking
Branches. Having an approved DRP / BCP is also a statutory
requirement from the audit angle.
The committee under the valuable guidance of the CGM (IT) had come
out with a comprehensive DRP / BCP for branches.
I trust that the branches will make full use of the plan. I also trust that
the controllers and audit departments will use it as a handy reference
for their requirements in related areas. As the project is still in the
process of evolution, the plan will need updating. I welcome
suggestions and comments from all concerned for updating and
improving the contents.
PART - I
PART II
PART III
create greater problem than that occurs after the business hours.
affects them.
objectives to:
short term.
from a single debacle but develop over a period. The first objective
1
of DRP is to respond to a disaster potential before it becomes a
systems features.
2
vacuum cleaner. All the workstations/nodes outside the
be left dangling.
appended:
potential ignites.
equivalents.
electricians.
officials.
3
6.5.6. Ensure setting up of fireproof partitions of system
floors.
interruption.
4
branches to support a load required by the
system room.
temperature.
of UPS failure.
5
periodically. A diagram of electrical cabling
6
7. PHYSICAL SECURITY PROVISIONS:
(System).
branches.
7
not installed in the server or at the workstations in
the branch.
equipments/peripherals.
backup hardware.
registers.
8
and kept current in respect of hardware equipment
purchased.
measures will help in the safety and security of the entire system.
9
9.2. DATA BACKUP AND STORAGE STRATEGY: -
10
overnight before it is deposited to the
arrangements thereat.
in this regard.
11
in the offsite storage location on the same
room.
acknowledgement.
12
9.2.4. ADMINISTRATOR PASSWORD, B@NCS 24 BRANCH
business units (branches) of Bank must have a DRP. The Bank has
13
10.1. Assets inventory: Prepare a comprehensive list of all assets
at the branches. The final list should contain all the assets
10.2. Threat Inventory: List out all the threats like Power failure,
location.
task.
14
the respective branches where a local Disaster Recovery
structured.
opted members.
members.
15
be headed by one of the AGMs (with maximum number of
at the branches.
the LHO and/or ZOs and provision for extra telephone and
conditions:
following events:
16
11.6.1.1. Hard disk crash resulting in loss of critical
data.
hardware.
instability.
network.
or above.
17
11.6.4. Major maintenance at primary site resulting in site
than 6 hours, (c) Force majors such as fire, flood, site not
would be as under:
minutes.
committee.
18
ZOCC to pass on the information to SBI Networking
19
branch, under confirmation to the
Controller.
prescribed manner.
exercise.
now, not where it was two years or even six months ago. Keeping
business operates.
20
13. The detailed DRP should be devised and compiled at the CBS-
st
Branch during 1 Week of January of every year, which must be
and October of every year. The review report, including the changes
be retained along with the detailed original plan. For this purpose,
the DRP may contain the following items on Page-1 of the plan,
Reference
No Date Description
21
and procedures are to be immediately incorporated in the
In any case a DRP for the branch should be more exact and
control numbers and the location of each copy the DRP are
databases.
&&&&&&&&&&
22
PART II
event.
and WAN problems, server failure, host failure and such other
branches draw up a BCP for the branch, which can help the branch in
systems, equipment and the like. This document will cover specific
categories:
1
6. LAN and WAN connectivity issues: Very often branches experience
that they are unable to connect to the CDC system or that certain
clients are not functioning. More often than not, the problems are
would be useful for the branch if they could identify the problems and
Number.
CPPD.
the Controller.
6.4. Problems within the branch, which affect the local LAN,
vendor.
2
6.5. Preliminary analysis to be done by the branch staff before
points.
Router, Switch.
6.6. All the above checks need to be done both from the server
7. Server and Client Issues: This can happen at the branch due to
development immediately.
7.2. These problems may affect either the server or the clients
3
7.3. Zonal Offices should ensure availability of one or more
virus loaded.
server.
option.
4
the nearest branch on Core. Anti-virus CD and updates can
parameters correctly.
7.11. Virus attack requires updated anti virus software and clean
any virus has already attacked the system. Any virus found
5
must be deleted or at least quarantined. Help can be taken
isolate the server and one or more key client systems from
server and key nodes and printers), so that the entire load
be through UPS.
Manual Operations
6
8.1. The following procedures are to be followed while using the
are restored.
balances.
required.
7
branch is not operating through CDC, there is a risk
LHO / HO.
operations.
8
8.4.1. The restrictions on the nature and extent of
ensured.
9
8.5.2. Only users previously logged in at least once can
8.5.3. Since limits have already been defined for all users
transactions.
is used thereafter.
10
available in local system. It does not show
Front End.
above.
powers/capability.
under:
11
their existing passwords in the Login Screen at non-
home branch.
wherever possible.
12
8.6.7. Clearing Operations: It may be possible to put
mechanism.
9. General:
13
9.1.3. Appropriate action on the lines suggested above
functionaries.
14
9.1.8. Branch should have a clear plan on utilizing the
service.
&&&&&&&&&&&
15
PART III
January every year and reviewed at quarterly intervals (April, July &
irregularities, if any:
1. _________________
2. _________________
3. _________________
5. Asset Inventory:
1. ________________
2. ________________
3. ________________
4. ________________
5. ________________
1. _______________
2. _______________
3. _______________
4. _______________
5. _______________
1
c. Details of Software installed at the branch including software
licenses:
1.
2.
3.
4.
5.
6.
1. ________________
2. ________________
3. ________________
4. ________________
5. ________________
6. ________________
e. Number of Terminals:
4. Others
Total
2
f. Number of printers:
1. Passbook Printers
2. Draft Printers
3. Laser Printers
4. Inkjet Printers
6. Line Printers
7. Other Printers
Total
1. _______________________
2. _______________________
3. _______________________
4. _______________________
1. _______________________
2. _______________________
3. _______________________
4. _______________________
5. _______________________
1. _______________________
2. _______________________
3. _______________________
1. _______________________
2. _______________________
3. _______________________
3
k. Location and address of ATM (s): -
_____________________________
_____________________________
_____________________________
_____________________________
_____________________________
_____________________________
4
THREAT INVENTORY
6. Threat inventory: (The list is only indicative. Please identify and list
out all the perceived threats of your branch) Put a check mark in
fumes.
Prone area.
heavy rains.
Premises located in
Tsunami.
power failures.
etc.,
5
Dampening of roof.
installation.
Server.
Generator failure.
UPS failure.
Connectivity problems.
identify and list out all the control mechanisms available at your
branch)
(Yes/No)
6
Backup media for daily / weekly / month-end / quarter-
_________________________________________________
_________________________________________________
_________________________________________________
_________________________________________________
_________________________________________________
Yes/No
reports / statements.
periodic intervals.
premises?
11.
12.
13.
7
Checklist for Hardware:
Yes/No
printer?
properly?
to-date?
up-to-date?
available?
12.
13.
14.
15.
8
Checklist for reducing environmental contaminations:
Yes/No
room is enforced.
system room.
80% ?
10.
11.
12.
13.
9
Fire prevention checklist:
Yes/No
tests?
extinguishers in evidence?
electrician?
protection authority?
10. Does the branch conduct regular fire evacuation drills and
branch staff?
11. Can an employee tell you the approximate date of last fire
13. Whether fire insurance policies have been kept current with
at the branch?
exit from the building, including those that are not normally
16.
10
Checklist for reducing probability of Power caused disasters:
Yes/No
of the branch?
Branch?
been installed?
provided to branch?
interruption?
of all concerned?
12. Has the LAN cabling been kept separated from the electrical
cables?
13.
14.
15.
16.
17.
18.
11
Checklist for prevention of water intrusion:
Yes/No
5.
6.
7.
8.
9.
10.
12
Checklist for Physical Access Control:
Yes/No
1. Identify electronic or manual locks on the doors of the
room personnel.
room and the systems. The branch head should check the
register.
13
Checklist for Document Distribution list and maintenance:
Yes/No
branch record?
6.
7.
8.
9.
10.
14
CONTROL MECHANISM REQUIRED COST ESTIMATE
Existing are to be listed out below. The list given below is only indicative)
reports.
checking of if computers
premises
department.
preventive premises,
by AMC in case of
vendor. computer
malfunction.
staff. to be given
to staff.
authorised
electrical
engineers.
15
6. Power All UPS / AMC of UPS / Improve ---
required UPS /
capacity. Generator
or replace
equipment.
displayed in monthly
emergency intervals.
list.
or replace
equipment.
vendor - available,
---------- Telephone
numbers of
Datacraft
displayed.
10.
11.
12.
16
ACTION PLAN
9. Action plan. Once approved by the controllers this can be displayed at the branch:
(This list is only indicative. This is to be prepared based on different scenarios that can
m em bers Plan
displayed at the
branch)
with experts
locally
available.
This can be at
another
location. In the
same premises
if action 2 is
completed.
claim etc.,
17
2. Power failure. Ms. Observe the
working of
computer to
UPS is giving
the required
output.
unlocking users.
3.
4.
5.
6.
7.
8.
9.
10.
18
POST DISASTER MANAGEMENT ACTIVITIES
storage centre:
19
7. If the branch site becomes completely inaccessible due to fire
CBS branch.
backroom centre.
operations.
Branch:
20
Checklist for testing approved disaster recovery plan:
team:
branch on:
Scenario I:
Scenario II:
rectifications:
21
NOTE: AS PER THE ACTION PLAN DRAWN (ITEM NO.9) THE AREAS
FAX NUMBER:
TELEX NUMBER:
22
2. ACTIONS W HICH DO NOT INVOLVE SIGNIFICANT COST
PLACE:
PLACE:
23