10.8 Contingency and Disaster Recovery Planning

10.8 Contingency and Disaster Recovery Planning

Copyright(c), 1995 - Management Analytics - All Rights Reserved

Management officials who are dependent upon IT systems for the support of essential functions are responsible for the development and maintenance of contingency plans for these functions. The contingency planning process will address the following activities:

Each DOC IT system shall develop and maintain in a current state, a contingency plan for disaster recovery which will provide reasonable assurance that critical data processing support can be continued, or resumed quickly, if normal operations of the system are interrupted. These plans will include adequate coverage of:

The plan for large systems supporting essential Departmental or agency functions shall be fully documented. Small systems, such as those located in office environments, may develop a more abbreviated and less formal plan. All plans must be operationally tested at a frequency commensurate with the risk and magnitude of loss or harm that could result from disruption of information processing support, but not to exceed one year.

Section 8 of the "DOC IT Security Manual" contains specific information and guidance concerning contingency and disaster recovery planning.