Page 560 - ITGC_Audit Guides
GTAG — BCM Requirements
• The recovery capabilities of critical IT and information service providers must be assessed to ensure they meet the requirements of the business.
• The recovery of IT and information components often must be combined to create a complete system needed to support critical business processes. For example, recovery of an application may require recovery of the desktop application, server application, server hardware, server operating system, infrastructure servers, data center, third party network connections, etc.
• Internal and external service providers of IT and information services should describe the recovery services they provide, including information regarding:
  o The recovery activities the service provider is responsible for and any recovery limitations there may be.
  o The recovery activities (e.g., reconstructing lost data) the organization is responsible for.
  o The manner in which the organization and service provider will communicate during a disaster.
  o Contracts for third parties (e.g., application service providers) or service level agreements for the internal provider.
  o The scope of their recovery efforts (e.g., systems, data, network, etc.).
  o Their recovery strategy.
  o Their RTOs and RPOs.
  o The cost of their recovery solutions, services, testing, and declaration of disaster.
  o The frequency of their recovery testing.
• Components of the environment may be recovered using solutions that would not normally be used in a production data center. For example, some data may not be recovered initially (e.g., large image libraries) which means they would not be available (e.g., may generate error messages).
• Recovery strategies for each IT system or component should be developed independently without a need for consistency with other IT systems. However, it’s important that components that work together to form a system be hosted in the same location or in multiple locations that have sufficient network bandwidth. For example, e-mail might be recovered at one large central data center, file replication may occur at another site on a server within the local region, some applications and services (e.g., engineering) may be outsourced temporarily during a disaster, local applications recovery may occur using a PC instead of a server, etc. The objective is to find the best and most cost-effective recovery solution for each system, even if solutions are spread around the world. The only requirement is that the systems be accessible by the users, regardless of where they are recovered, and all components of a system work together.
• Information security and compliance standards need to be considered when designing recovery solutions. Recovery solutions should not introduce unreasonable levels of security or compliance risks. Some security and compliance controls will be relaxed if a real disaster occurs, but a conscious decision is needed to understand the risks that exist in the recovery environment. Recovery solutions are intended to reduce the risk associated with the loss of availability, but must be balanced with the need for integrity and confidentiality.

B. Recovery Solutions and Recovery Sites

The following is a list of recovery solutions and recovery sites commonly used.
• Hot recovery plan/capabilities.
  o A recovery plan exists.
  o Recovery resources are available at recovery site(s) and data is synchronized in real-time to enable the system to be recovered immediately or within hours.
  o Typical recovery time is minutes to one day.
• Warm recovery plan/capabilities.
  o A recovery plan exists.
  o Recovery resources (e.g., nonproduction systems, spare hardware, etc.) are available at recovery site(s) but may need to be configured to support the production system when the disaster occurs.
  o Some data may need to be restored (probably from tape or other backups).
  o Typical recovery time is two to 13 days.
• Cold recovery plan/capabilities.
  o A recovery plan exists.
  o Recovery site(s) have been identified with space and base infrastructure needed to perform the recovery.
  o Recovery resources (e.g., servers) are not available at recovery site(s) and likely need to be procured.
  o Data likely needs to be restored (probably from tape backups).
  o Typical recovery time is 14 to 30 days.
• No recovery plan/capabilities.
  o No recovery plan exists.
  o Recovery resources and data restore processes have not been defined.
  o Data backup plans exist to ensure that critical data can be restored at some time in the future.
  o A risk exists that the systems and business processes they support may never be recovered or may result in an extended delayed recovery.

The BCM sponsor and an appropriate team of managers must approve the IT recovery solutions for their scope of