Maintain the One IYSS System
Backup
The data backup policy form an integrated part of the companies disaster recovery plan. To ensure that the system and all information stored on it are preserved in the event of a failure, you should ensure that the policy covers the following points:
- Frequency
- Rotation
- Retention
- Location
- Supporting hardware and software.
Frequency
How often you back up the system depends on how much data you are prepared to lose in the event of a failure requiring full system restoration.
Rotation
You should ensure that you can restore data from a variety of points in time. It may be necessary to restore data as it was at a certain month or year end, or in the event of the most recent backup failing. An example rotation period may take the following form:
|
|
Rotation Period |
|
Monday - Thursday |
Weekly |
|
Friday |
Monthly |
|
Period End |
Stored in accordance with retention policy |
Retention
Backups should be stored for predetermined lengths of time in accordance with company and legal policies. It must comply with audit rules specified by financial legislation, the Data Protection Act (1998), and any contractual obligations that involve the information held. As new contracts are acquired, backup retention should be reviewed to ensure contractual and auditory obligations are met.
Location
It is recommended that backup media and supporting software is held off-site in a secure and fireproof safe. This should be easily accessible in the event of a disaster or failure.
Supporting Hardware and Software
Your retention policy is likely to exceed the lifespan of your hardware, operating systems, backup agents, and back office products such as the Oracle server, and the current version of One IYSS. As specified in your retention policy, you must retain all supporting software and backup hardware, such as DAT drives, for the duration of the backup media retention.