The Official Web site for the Office of Information Technology - UTSA

This document should be rendered in an HTML format with cascading style sheets and JavaScript turned on.

Office of Information Technology Home Page

Skip to Main Content

Skip to Navigation

Please take a few minutes to read our Accessibility Page which will make your visit through this Web site easier.

Copyright (c) 2010. The University of Texas at San Antonio. All rights reserved.

OIT Home > About OIT > Information Resource Standards > Disaster Recovery Standard

Disaster Recovery Standard

The goal of this standard is to provide for the restoration and recovery of critical systems and applications in the event of an emergency or declared disaster. As a companion to the University’s business continuity and emergency preparedness program, the focus of these standards is on mitigation of risk in the area of computing and technology throughout the campus.

Campus units must ensure that critical data are backed up periodically and copies maintained in an off-site location.

Campus units must develop and maintain written recovery procedures for natural and man-made disasters.  These plans must be available to staff at all times.

The disaster recovery plan must involve the ongoing process of data classification to identify critical data, planning, developing and implementing disaster recovery management procedures to ensure efficient and effective resumption of critical functions in the event of an unscheduled interruption.

Data Owners must identify the Recovery Time Objective, the length of time by which the system must be returned to an acceptable level of service and the Recovery Point Objective, which indicates the point in time to which processing has to be returned.

Disaster recovery plans will be tested annually or when new systems are installed.

Model templates will be provided to aid in planning and documentation.

Companion Standard: Enterprise Back-up and Data Recovery Standard
Effective Date:

October 31, 2011

Compliance Date:

December 31, 2011

Last Revision:

July 27, 2011

 

Account Management

Disposal of Computers
Other Electronic Devices

Laptop Encryption

Policy Exception and Risk Assumption Procedures

Administrative/Special Access

E-Mail Management

Log-in Disclaimer

Security Monitoring

Application Registration

Incident Management

Network Access

Security Training

Enterprise Backup &
Data Recovery

Information Resource Use and Security (pending)

Network Configuration

Server Hardening

Change Management

Information Security Risk Assessment

Password

Software Licensing

Computer Naming Convention

Information Security Administrator (ISA)

Patch Management Standard

Threat Detection and Prevention

Configuration and Asset Management

Information Security Training Standard

Personal Computing

Unauthorized File Sharing

Copiers and Printers

Information Services Privacy

Physical Access

Vendor Access

Data Center

Internet Use

Portable Computing

Web Application Vulnerability Scanning

Data Classification

Intrusion Detection

Protection Against Malicious Software

Wireless Network

 

 

 

Workstation Operating Systems Support

Tools