Chief Financial Officer   DP290.10   The organization will determine system criticality by assessing the impact to the
         with Director of                   relevant business of a system failure.
         Information
         Technology, Privacy
         and Data Security
         IT Staff and IT Vendor   DP290.11   The organization will routinely back up its data to maximize availability and prevent
                                            information loss.
         IT Staff and IT Vendor   DP290.12   The organization will store its backup data at a specialized, secure facility designed for
                                            that purpose or on redundant systems located in geographically distinct data centers.







































































                                                                                                         29 | P a g e
        GES CONFIDENTIAL