10.5.1 Information Backup

Illustrative Controls and TIBCO LogLogic Solution

Organizations must develop a framework for IT continuity to support enterprise-wide business continuity management with a consistent process. The objective of the framework is to assist in determining the required resilience of the infrastructure and to drive the development of disaster recovery and IT contingency plans. The framework should address the organizational structure for continuity management, covering the roles, tasks and responsibilities of internal and external service providers, their management and their customers, and the rules and structures to document, test and execute the disaster recovery and IT contingency plans. The plan should also address items such as the identification of critical resources, the monitoring and reporting of the availability of critical resources, alternative processing, and the principles of backup and recovery.

Organizations must have procedures in place to back up data and programs based on IT and user requirements. Organizations must define and implement procedures for backup and restoration of systems, data and documentation in line with business requirements and the continuity plan. Verify compliance with the backup procedures, and verify both the ability to restore successfully and completely and the time required to do so. Test backup media and the restoration process.

To satisfy this control, administrators must:

  • Define and implement procedures for backup and restoration of systems, data and documentation in line with business requirements and the continuity plan
  • Verify compliance with the backup procedures
  • Verify the ability to withstand the disaster and the time required for successful and complete restoration
  • Test backup media and the restoration process
  • Review the backup logs periodically to ensure that the backups are performed successfully
  • Store backups in a remote location, at a sufficient distance to escape any damage from a disaster at the main site
  • Protect backups by means of encryption where confidentiality of information is important

Administrators must test the IT continuity plan on a regular basis to ensure that IT systems can be effectively recovered, shortcomings are addressed and the plan remains relevant. This requires careful preparation, documentation, reporting of test results and, according to the results, implementation of an action plan. Consider the extent of testing, from recovery of single applications to integrated testing scenarios to end-to-end testing and integrated vendor testing. In addition, administrators must review backup logs periodically to ensure backups are performed successfully.

TIBCO LogLogic directly supports this control because its reports and alerts are capable of extracting system records that validate when and if a backup was performed and that the backup is an exact copy of the original. TIBCO LogLogic can monitor systems to ensure that data backups are successfully accomplished on time and that data restores are possible. The reports and alerts can also monitor and alert when a data restore is completed successfully or unsuccessfully, so that the integrity of the backup data is retained in the event of a need to exercise a disaster recovery plan.

Reports and Alerts

For the 10.5.1 reports and alerts, see the TIBCO LogLogic Reports and Alerts Quick Reference.