TTUHSC IT Policies
1.3 DISASTER RECOVERY (TAC 202.74)
This policy sets forth the guidelines and procedures for recovering the Data Center
and all related information systems providing service to the Institution. In accordance
with the Texas Administrative Code Rule §202.72, Business Continuity Planning, the I.T. Division shall develop and maintain a Disaster
Recovery Plan (DRP) that delineates all the roles and responsibilities for the individual
Disaster Recovery Teams, along with the steps that must be taken for successful recovery
At a minimum, the DRP shall be tested annually or when a major revision occurs and
I.T. staff assigned to disaster recovery duties shall be trained, at least, on an
In the even of a disaster,
- The Chief Information Officer (CIO) is the only authority for declaring a disaster
for the Data Center and all related I.T. services based on the findings of the Tactical
- The Tactical Operations Team is responsible for the timely identification and determination
of the disaster as well as the duration of the service outage.
Upon the declaration of a disaster,
- The I.T. Division and all associated Disaster Recovery Teams will invoke and comply
with the procedures documented in the DRP.
- All efforts will be made to accommodate user needs while recovery services are being
implemented but prioritization of recovery will be based on the criticality of the
service and/or application experiencing the outage.
- The Office of Communications and Marketing is the only authority for all media communications
based on information from the Chief Information Officer.
- The Chief Information Officer or designee from the Management Team is responsible
for conveying all necessary information to the Office of Communications and Marketing
for any updates and/or announcements to the media.
Mission Critical data shall be backed up on a scheduled basis and stored off site
in a secure, environmentally safe, locked facility accessible only to authorized personnel.
TTUHSC Information Resources backup and recovery process for each system must be documented
and periodically reviewed. A process must be implemented to verify the success of
the electronic information backup.
Backups must be periodically tested to ensure that they are recoverable.