December 9, 1994
Appendix D - Disaster Recovery
It is prudent and required by the Texas Department of Information Resources to anticipate and prepare for the loss of information processing capabilities. The plans and actions to recover from losses range from routine backup of data and software in the event of minor losses or temporary outages, to comprehensive disaster recovery planning in the preparation for catastrophic losses of information resources.
Data Backup
On-site backup is employed to have current data readily available in machine-readable form in the production area in the event operating data is lost, damaged, or corrupted; and to avoid having to reenter the data from source material. Off-site backup or storage embodies the same principle but is designed for longer term protection in a more sterile environment, requires less frequent updating, and provides an additional protection against threats potentially damaging to the primary site and data.
Data and software essential to the continued operation of critical department functions must be backed up. The security controls over the backup resources must be as stringent as the protection required of the primary resources.
Alternate Data Backup
The backup procedures on the multi-user computer systems and departmental servers are designed to protect against data losses caused by hardware failures and other disasters. The frequency and timing of these backups may not provide sufficient protection to meet end-user requirements for data backup. Therefore, it is strongly recommended that end-users include a data backup step in their information processing procedures, and not to depend on single backup procedure to provide all protection.
Contingency Planning
Contingency plans, or disaster control plans, specify actions management have approved in advanced to achieve each of three objectives: to identify and respond to disasters; to protect personnel and systems; and to limit damage. The backup plan specifies how to accomplish critical portions of the mission in the absence of a critical resource such as computers. The recovery plan directs recovery of full mission capability.