Disaster Recovery/Business Continuity Planning

Having well thought-out plans in place before a disaster or disruptive event helps an organization recover quickly, and keep operating with minimal disruption or downtime. These planning efforts—referred to as disaster recovery (DR), business continuity (BC) planning, and enterprise continuity (EC)—typically focus on critical systems, and identify dependencies and possibilities for improvement. Critical systems are, for example, those whose disruption would result in:

  • Risk to human and/or animal life or safety.
  • Significant impact to the university’s research, learning, and teaching missions.
  • Significant legal, regulatory, or financial costs.
  • Preventing or seriously impeding a campus unit from carrying out their primary function within the first 48 hours following an event (48 hour Recovery Time Objective – RTO).

Expand All Content

Information Assurance (IA) Support

Units can create their own DR plans using templates

For those units that want to create disaster recovery plans, IA provides various templates that can be used. The Disaster Recovery Plan Template (PDF) provides a high level plan containing the essential DR plan elements that will help guide units.

In addition, for your convenience, IA has provided a set of DR Template Google Sheets containing the templates called out in the DR plan template to help ensure the usefulness and uniformity of recovery content.

IA offers extensive guidance to units

IA offers extensive guidance, consulting, and subject matter expertise to units for unit-level disaster recovery/business continuity planning and preparedness based on unit requests and needs.

For details about available services and costs, if any, please see Disaster Recovery/Business Continuity Planning Service.

IA and ITS maintain DR plans for IT services provided by ITS

ITS has created DR plans for all of its critical systems, and IA continues to work with ITS teams to update and improve their plans, as well as to assist new teams in the creation of DR plans for additional ITS non-critical systems.

In addition, IA can work with units to develop DR plans for unit-level mission-critical systems.

Unit Responsibilities

Units are strongly encouraged to create disaster recovery plans for their systems. Units with self-identified critical systems should also be aware of their Responsibility for Maintaining Information Technology Backup and Recovery Procedures (SPG 601.07-1). In addition, Information Security Policy (SPG 601.27) establishes university-wide strategies and responsibilities for protecting the confidentiality, integrity, and availability of the information assets that are accessed, managed, and/or controlled by the university.