Scribd
Upload
322 views

Backup Policy

This 3 sentence summary provides the key details about the company's backup policy: The policy states that the IT department is responsible for ensuring critical applications and data are backed up weekly to protect against loss. Backup methods like full, incremental, or differential should be used and media must adhere to industry standards. The backup administrator is responsible for documentation, testing restores quarterly, following media rotation and retention procedures, and securely storing backup media onsite and optionally offsite.

Uploaded by

peacebabatunde
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as PDF, TXT or read online on Scribd
322 views

Backup Policy

This 3 sentence summary provides the key details about the company's backup policy: The policy states that the IT department is responsible for ensuring critical applications and data are backed up weekly to protect against loss. Backup methods like full, incremental, or differential should be used and media must adhere to industry standards. The backup administrator is responsible for documentation, testing restores quarterly, following media rotation and retention procedures, and securely storing backup media onsite and optionally offsite.

Uploaded by

peacebabatunde
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

Sample Document

Backup Policy (Version 1) 1. Overview


The IT Department is responsible for ensuring that mission critical applications and data are well preserved and protected against loss and destruction. Adequate backups allow data recovery when information technology systems or information have been destroyed by system malfunction or by accidental or intentional behavior.

2.

Scope
This policy applies to all systems managed by the IT Department that reside at any company facility or that store any confidential company information. Exchange Servers have additional requirements for backup as stated in the Exchange Backup Policy.

3.

Policy
3.1. General
At least once a week all information-technology systems and production data are to receive a full backup. Backup of systems and data should take place nightly. Appropriate backup methods (i.e., full, incremental, or differential) should be employed in accordance with the allotted backup window. Backup media must adhere to industry accepted backup technology standards, such as: The medias read/write capacity shall be rapid enough to permit the backup to be completed during the allotted time (i.e., before the start of the next business day; The medias compressed capacity shall be large enough to hold the complete backup; and The media shall be readable after a minimum of 5 years in unattended storage. Data compression algorithms may be used to minimize the volume of data on the backup medium. When compression is employed, the selected parameters and algorithms must be documented and observed during data restoration (decompression).

Sample policy from AAA Technical Writing: Backup Policy (Version 1)

Page 2 of 3

Data stored locally on desktop/laptop computers is not backed up.

3.2. Backup Administrator Responsibilities


Each backup process shall have at least one primary administrator and one substitute who are responsible for adhering to the established backup policy and procedures. The Backup Administrator shall receive adequate training on the data backup process, data restoration process, media rotation, retention and storage. The Backup Administrator shall fully document the following items for each generated backup: Backup Details Date of backup, Type of backup (full, incremental, or differential), Number of generations, Extent of backup (systems and/or files/directories), Storage location of backup copies. Technical Data Media on which the backup data are stored, Backup hardware and software (with version number), Data compression algorithms (optional).

3.3. Verification
To ensure that both the media and backup procedures function properly, at least once per quarter the Backup Administrator shall perform test restores from backup media and document the test results. The Backup Administrator will perform verification of the backup systems after every modification of the backup procedures and document the test results.

3.4. Media Rotation & Retention


The Backup Administrator will employ the following backup rotation: Each backup media set must contain a full weekly backup. Available onsite backup media shall be 2 weeks + 1 day. All retired backup media must be destroyed before being discarded. As a minimum, before disposal, render contents on retired media unusable by formatting/erasing or replacing files with random bits.

Sample policy from AAA Technical Writing: Backup Policy (Version 1)

Page 3 of 3

For maximum security, consider hiring a media disposal contractor. In the event of, or in anticipation of litigation, all offices involved must suspend their routine media retention/destruction policy and put a litigation hold in place to ensure the preservation of relevant data. Further, if relevant data has been determined to be available only on backup media, then that media must be preserved. Obtain directions for putting a litigation hold in place from the companys General Counsel.

3.5. Storage
Backup media should be stored in a fireproof and protected location accessible only to authorized IT staff (i.e, Backup Administrators and their staff). In the case of magnetic media, backup media should be in a case or vault that is shielded from electromagnetic radiation. For maximum safety, at least one set of backup media should be stored off site.

4.

Version History
Number Date 1 April 15, 2009 Blair Bolles Approved by

You might also like