Documente Academic
Documente Profesional
Documente Cultură
BACKUP POLICY
Confidential
Notice of Confidentiality
This document contains proprietary and confidential information of
Suresoft Systems Pvt. Ltd. The recipient agrees to maintain this
information in confidence and not reproduce or otherwise disclose this
information to any person outside of the group directly responsible for
the evaluation of its contents.
Confidential Suresoft Systems Pvt Ltd.
Backup Policy Pondicherry
DOCUMENT SUMMARY:
AUTHOR
REVIEWED BY
CURRENT VERSION
DATE OF CURRENT
VERSION
DATE OF ORIGINAL
VERSION
DOCUMENT TYPE
DOCUMENT STATUS
DOCUMENT CIRCULATION
OWNER
APPROVED BY
REVISION HISTORY:
Table of Contents
1. POLICY STATEMENT...........................................................................................4
2. BACKUP IDENTIFICATION.................................................................................4
3. BACKUP PLAN......................................................................................................4
4. BACKUP PROCESS..............................................................................................4
4. BACKUP STORAGE.............................................................................................5
4.1. ONSITE................................................................................................................5
4.2. OFFSITE..............................................................................................................5
5. BACKUP RESTORATION (RECOVERY)..........................................................5
6. RESTORATION TESTING....................................................................................5
7. DISPOSAL...............................................................................................................6
8. RESPONSIBILITIES..............................................................................................6
1. Policy Statement
“Information System Owners should ensure that adequate backup and recovery
processes are in place in any eventuality for all information systems”
2. Backup Identification
Functional Heads in conjunction with Backup administrators shall identify the critical
data that need to be backed-up.
Backups shall be generated for sensitive data and software that are essential for
business continuity.
Critical paper files must be identified and backed up with a scanned digital copy.
3. Backup Plan
Backup planning for individual systems shall be reviewed and approved by the ISO.
The plan should include Information system to be backed up, priority, back method,
backup schedule and retention period.
An appropriate storage medium shall be used. Media shall be clearly labeled as per
Information classification and handling policy.
The backup media used shall have a life span in accordance with data retention
requirements.
The reuse of media shall be carefully planned to avoid any possible data loss due to
overuse of media.
The back media shall have appropriate identification labels with information such as
creation date, file details, sensitivity of data, retention period etc
4. Backup process
Periodical backup as defined in the Backup plan will be taken by the backup
administrator.
The following types of backup shall be taken unless a different type of back is
required due to business needs
4. Backup Storage
4.1. Onsite
Backup media shall be securely stored in fire safe when not in use. The key to the
cabinet shall be available only with ISO / delegated approved Functional heads and
the duplicate key shall be kept with the Backup administrator for emergency use.
4.2. Offsite
Copies of backups shall be stored in an offsite location, physically distant from the
onsite location.
Whenever, the backup media is moved to and from off-site location, it shall be carried
in sealed and tamper-proof envelope or pouch.
Backup Administrator shall maintain the backup movement logs for the backups at
off-site location.
6. Restoration Testing
A recovery test shall be performed at least once every six months for every backed-
up data or based on importance of the data.
The ISO or other delegates shall randomly audit the backup logs at least once a
month.
Backup administrator shall identify problems related to backup process and take
corrective action to reduce any risks associated with failed backups.
7. Disposal
Backup media must be physically destroyed in a secure manner as per the defined
Operating procedure and ensure:
8. Responsibilities
Backup Administrator is responsible for taking and maintaining backup of all data and
applications as well as operating systems.
It is the responsibility of Users at each function to decide on the criticality and backup
frequency of the backup of information with respect to the data managed by the
functional unit.
Users shall formally inform the Backup Administrator about any new data to be
backed up.
Similarly Backup Administrator shall be informed about discontinuing the back up
when data is no longer in use at the functional unit.