
Power Continuity

Teddy M. Danguilan
Computer systems require uninterrupted, clean power to operate. Data centers
typically employ several different types of controls to maintain clean power. These
controls include:
1. Redundant power feeds that provide power from one power station.
When the power supplied by one feed is lost, the other often will remain live. As a
result, redundant power feeds can be used to maintain utility power continuity.
How
This control is not always present, but it is worth exploring with the data center facility
manager during interviews.

2. Ground to earth to carry excess power away from systems during electrical
faults.
Ungrounded electrical power can cause computer equipment damage, fire, injury, or
death. These perils affect information systems, personnel, and the facility itself. Today,
buildings that do not have grounded electrical outlets most likely will be in violation of
building code.
How
Unlike redundant power feeds, the ground-to-earth control always should be present.
Ground to earth is a basic feature of all electrical installations.
It consists of a green wire that connects all electrical outlets to a rod that is sunk into
the ground. When short circuits or electrical faults occur, excess voltage is passed
through the ground wire safely into the ground rather than short-circuiting electrical
equipment. This control should be present in any facility less than 30 years old or so,
but it is definitely worth verifying.
Older buildings that have not had electrical systems upgraded may not have an
electrical ground, however. This information can be obtained by interviewing the data
center facility manager or through observation.
3. Power conditioning system to convert potentially dirty power to clean power.

Clean power can be represented as a wave pattern with symmetric peaks and
valleys.
Dirty power often results from electrical noise generated by normal operation
of electrical equipment.
A spike is a sudden, extreme increase in the voltage of a piece of equipment.
A sag is a short-term decrease in voltage levels that starves the machine of
power.
Power spikes and sags damage computer systems and destroy information. Power
conditioning systems mitigate this risk by buffering the spikes and sags.

How
Power conditioning systems smooth out the wave pattern to make it symmetric.
Through interviews and observation, the auditor should verify that power is being
conditioned by either a power conditioning system or a battery backup system.

4. Battery backup systems that provide immediate power, typically for short periods
of time.
Power failures can cause data loss through abrupt system shutdowns. UPS battery
systems mitigate this risk by providing 20 to 30 minutes of power as well as power
conditioning during normal utility power conditions.
How
The auditor should interview the data center facility manager and observe UPS battery
backup systems to verify that the data center UPS system is protecting all critical
computer systems and affords adequate run times.
5. Generators protect against prolonged power loss.
GENERATORS
- Allow the data center to generate its own power in the event of a prolonged loss of
utility power.
Common types of generators
1. Diesel generators
- Most common, but have a finite amount of fuel stored in their tanks.
- Diesel fuel is also a biohazard.
- If it is spilled, there could be significant cleanup expenses.
- Also, if the generator is in close proximity to the data center, there is a danger of a spill
that reaches into the data center itself, which would be disastrous. These risks can be
mitigated through fuel service contracts and spill barriers, however.
2. Natural gas generators
- Run cleaner and theoretically have an infinite supply of fuel as long as the gas lines are
intact.
- There is no danger of spills, but there is an increased danger of fire.
- Natural gas generators are employed rarely, however, because of the expense.
- Propane generators are also expensive but have a limited supply of fuel. Again, this can be mitigated with
service contracts.

How
All types of generators require frequent maintenance and testing. As a result, the
auditor should review both maintenance and test logs during a data center audit.
Additionally, auditors should obtain the sustained and peak power loads from the
facility manager and compare them with current power generation capacity.

ALARM SYSTEM
Jenelyn Catalan
Wishel Dangarang
A. Definition:
It means any device or system that transmits a signal that indicates a hazard or occurrence requiring an
emergency response.
Any alarm-initiating device or assembly of equipment that automatically detects heat, smoke or other products
of combustion or need of other public safety or emergency response.
B. Advantages.
1. Protects valuables
2. Deters crime
3. For peace of mind --> the confidence of feeling safe with the knowledge that the
alarm will help you in the event that someone breaks into your property.
4. Notifies problems
5. Lowers insurance premiums
Data centers normally have several different alarm systems that are designed to
monitor for unauthorized access to the facility, fire, water, and excessively high or low
humidity. These alarm systems typically feed into a console located in the data center
operations center.
14. Ensure that a burglar alarm is protecting the data center from physical
intrusion.
A burglar alarm failure would allow a physical intrusion to go undetected.
Burglar alarms mitigate this risk.
Burglar alarm: an electronic device that triggers a loud noise or other alert when someone attempts
to make unauthorized entry. How does it work? The operation of a burglar alarm is the
same as that of an electric circuit. In order to know about burglar alarms, one has to
compare them to a simple electric circuit or appliance. For example, one has to turn on
a switch to turn off the lights or any other appliance. This principle works in the same
way with burglar alarms. The only difference is that the movements of an intruder will
be detected by the switch. If an intruder breaks into a house through a door or window,
his movements will be detected by a switch, which will trigger the burglar alarm.

How:
Burglar alarms are designed to detect physical intrusions. They do this
through a series of sensors that are placed in strategic locations such as
doors and hallways. Burglar alarm systems employ the following common
types of sensors:
- Motion sensors that typically detect infrared motion
- Contact sensors that are placed on windows and doors to detect when they are opened
- Audio sensors to detect breaking glass or changes in normal ambient noise
When auditing a data center, the auditor should review sensor placement, verify that
critical areas of the data center are covered adequately, and review maintenance logs
to ensure that the system has been maintained and tested properly.
The following are the features of burglar alarms:
Video monitoring --> this feature will allow you to view live feeds of what's happening.
You can record activity, too. In the case that a crime is committed, the footage captured
by your video surveillance will help nab the culprit.
Motion sensor --> when no one is supposed to be moving, this feature will help detect
anything out of place.
Sensors on doors and windows --> you shut your doors and windows for the night, and
you don't plan on opening them until the morning. In order to prevent a would-be
burglar from sneaking in unnoticed, these sensors will be set near any access point
and will trigger an alarm or a beep when opened.
Sirens --> a wild enough siren can disorient a would-be burglar and send them packing.
They might even panic long enough for police to arrive and bring them to justice.
Intercom --> with an intercom system in place, you can communicate with other
members, even in dangerous situations.
Connectivity --> when the alarm is tripped, someone who is monitoring alerts will
attempt to contact you. If you don't answer or you can't provide the proper code word
to turn off the system, the police will be on their way.
Fire and carbon monoxide detection --> it will protect you from other unwanted
dangers.

15. Verify that a fire alarm is protecting the data center from the risk of fire.
Because of all the electrical equipment, data centers are prone to fires. Fire alarms alert
data center personnel of a developing fire condition so that they can evacuate the
premises. A fire alarm failure would put human life at risk.
How:
Data centers should have fire alarms to detect electrical fires before they can threaten
human life. Data center fire alarm systems usually are multizone systems, which
reduces the risk of false alarms due to a single malfunctioning sensor or zone. In a
multizone system, sensors in two or more zones must detect the fire before an alarm
sounds. There are three types of sensors:
- Heat sensors activate when temperature reaches a predetermined threshold or when
temperatures rise quickly.
- Smoke sensors activate when they detect smoke.
- Flame sensors activate when they sense the infrared energy or flickering of a flame.
Smoke actuated sensors and heat sensors are most common. When auditing a data
center, the auditor should review fire alarm sensor type, placement, maintenance
records, and testing procedures.
A fire alarm system means a combination of approved compatible devices with the
necessary electrical interconnection and energy to produce an alarm signal in the event
of a fire or emergency medical situation or both, and when activated, emits a sound or
transmits a signal to indicate that an emergency situation exists.
16. Ensure that a water alarm system is configured to detect water in high-risk areas of the data center.
Water and electronic equipment do not mix well. As a result, data centers normally
employ water sensors in strategic locations such as near water sources or under raised
floors. Water sensors detect the presence of water and are designed to alert data
center personnel prior to a major problem.
How:
When performing a data center audit, the auditor should identify potential water
sources such as drains, air-conditioning units, exterior doors, and water pipes to verify
that water sensors are placed in locations where they will mitigate the most risk. The
facility manager should be able to point out both water sources and sensors during a
tour of the facility. The auditor also should review maintenance records to ensure that
the alarm system is maintained periodically.
17. Ensure that a humidity alarm is configured to notify data center
personnel of either high or low-humidity conditions.
Humidity levels above 60 percent or below 40 percent can cause computer equipment
damage. High humidity can cause corrosion of computer components, and low humidity
can cause static electricity discharges that can short-circuit system boards. As a result,
data centers should be equipped with humidity alarm systems.
How
In a proper humidity alarm installation, humidity sensors are placed in all areas of the
data center where electronic equipment is present. When reviewing the humidity alarm
system, the auditor should ensure that sensors are placed in appropriate locations
either by reviewing architecture diagrams or by touring the facility. The auditor also
should review maintenance and testing documentation to verify that the system is in
good working order.
A water sensor is a device used in the detection of the water level for various
applications. Water sensors are of several types that include ultrasonic sensors,
bubblers, and float sensors.
Ultrasonic sensors operate by transmitting sound waves that reflect from the liquid
surface and are obtained by the sensor. The sensor measures the time interval between
the transmitted and received signals, which is then converted into distance
measurement with the help of electronic circuits with the sensor thereby measuring the
level of the liquid.
Float sensors work based on the change in resistance of a potentiometer within the
sensor by the turning of a pulley or a spring-loaded shaft.
Bubbler sensors measure water level by detecting the pressure of air-filled tubes with
an open, submerged bottom end. The static pressure at the end of the tubes is more
when the water level is high, and therefore more air pressure is required to fill the tube.
18. Review the alarm monitoring console(s) and alarm reports to verify that
alarms are monitored continually by data center personnel.
Alarm systems most often feed into a monitoring console that gives data center
personnel the opportunity to respond to an alarm condition before calling authorities,
evacuating the building, or shutting down equipment. The absence of a monitoring
console would introduce the risk of an alarm condition going unnoticed.
How
The data center should have an alarm-monitoring console, where alarm systems are
monitored by data center personnel. The auditor should review alarm reports and
observe the data center alarm-monitoring console to verify that burglar, fire, water,
humidity, and other alarm systems are monitored continually by data center personnel.
Occasionally, the burglar alarm is monitored by data center security staff. The main
objective here is to verify that alarms are being monitored.
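
The alarm-report review in step 18, as an added example that is not part of the original notes: it reads a constructed alarm report and lists alarms that were never acknowledged, alarms acknowledged too slowly, and alarm systems that leave no evidence in the sample. The report layout, the zone names and the 15-minute response target are assumptions made for illustration.

```python
import csv
from datetime import datetime, timedelta
from io import StringIO

# Alarm systems that step 18 expects to be monitored at the console.
REQUIRED_SYSTEMS = ("burglar", "fire", "water", "humidity")
# Assumed response target; the page does not state one.
MAX_ACK = timedelta(minutes=15)

# Constructed sample report: raised time, system, zone, acknowledged time.
# An empty last field means nobody acknowledged the alarm.
SAMPLE_REPORT = """\
2024-03-01T02:14:00,water,raised-floor-B,2024-03-01T02:16:30
2024-03-01T03:40:00,humidity,hall-1,2024-03-01T04:25:00
2024-03-02T23:05:00,burglar,dock-door,
2024-03-03T11:00:00,fire,hall-2,2024-03-03T11:01:10
"""


def parse_report(text):
    """Turn the CSV report into a list of dicts with parsed timestamps."""
    rows = []
    for record in csv.reader(StringIO(text)):
        if not record:  # skip blank lines
            continue
        raised, system, zone, acked = record
        rows.append({
            "raised": datetime.fromisoformat(raised),
            "system": system,
            "zone": zone,
            "acked": datetime.fromisoformat(acked) if acked else None,
        })
    return rows


def review_alarm_report(rows, required=REQUIRED_SYSTEMS, max_ack=MAX_ACK):
    """Return audit findings for one alarm report sample."""
    findings = {"unacknowledged": [], "late": [], "no_evidence": []}
    seen = set()
    for row in rows:
        seen.add(row["system"])
        if row["acked"] is None:
            # Alarm condition that went unnoticed at the console.
            findings["unacknowledged"].append((row["system"], row["zone"]))
            continue
        delay = row["acked"] - row["raised"]
        if delay > max_ack:
            minutes = int(delay.total_seconds() // 60)
            findings["late"].append((row["system"], row["zone"], minutes))
    # A system with no events in the sample is not proof of a gap, but the
    # auditor should ask for evidence that it feeds the console.
    findings["no_evidence"] = [s for s in required if s not in seen]
    return findings


if __name__ == "__main__":
    for kind, items in review_alarm_report(parse_report(SAMPLE_REPORT)).items():
        print(kind, items)
```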

FIRE SUPPRESSION SYSTEM


Mark Paul Castillo

FIRE - the light and heat and especially the flame produced by burning
SUPPRESS - to end or stop something
SYSTEM - a group of related parts that move or work together
Data centers are critical as the heart of many companies' information
infrastructures. No company can accept the failure of its networks and servers because
no business can afford downtimes or the loss of irreplaceable data and market
presence. For some industries, even one or two hours of downtime can be devastating.
That's why it's important to provide your data center with the highest level of safety.
Because of the large amount of electrical equipment, fire is a major threat to
data centers. Therefore, data centers normally are equipped with sophisticated
fire-suppression systems and should have a sufficient number of fire extinguishers or fire
prevention facilities.

Identifying and preventing risks


The risk of fire is particularly high due to the presence of a constant ignition
source (electricity) and plentiful supply of combustible materials. Short circuits, due to
the extensive cabling, can have serious consequences. The need for comprehensive
air cooling results in a higher air exchange, making early detection even more difficult.
An integrated fire safety concept is therefore crucial to protect critical data and to
ensure uptime.

PLANNING TOOL-FIRE SAFETY SOLUTIONS FOR DATA CENTERS


1. Fire control panels - convert a fire alarm into actions for alarm notification,
evacuation, and extinguishing.
2. Aspirating smoke detection - the highly sensitive system, with Genuine Alarm
Guarantee, for the earliest possible fire detection in highly ventilated data
centers, minimizing the risk of fire damage. It is typically applied in closed server
racks, false floors and ceilings, cable ducts, and air inputs and outputs.
3. Point-type fire detectors - unsurpassed detection reliability with high immunity
to deception.
4. Extinguishing control panels - XC10 combines fire detection and extinguishing
control, either for a single-sector or a multisector application. All relevant
incidents are forwarded to connected fire control panels. It also interfaces with
the ventilation system.
5. Alarm indicators - If a fire detector that is not easily visible triggers an alarm,
the alarm indicator will quickly identify the area in danger.
6. Sounder and sounder beacon - In a data center, alarm sounder FDS221 and
alarm beacon FDS229 are recommended to alert the occupants acoustically and
optically.
7. Voice alarm system - In case of fire, the voice alarm system E100 is
automatically activated by the fire detection system. It ensures that the data
center and neighboring areas are evacuated before the discharge of an
extinguishing agent.
8. Sinorix Silent Nozzle - is designed for quiet extinguishing in data centers and
server rooms, resulting in disturbance-free operation of hard disk drives during
the extinguishing process.
9. Extinguishing with Sinorix 1230 - recommended for small-to-medium-sized
centers. It floods the room within 10 seconds and starts extinguishing before any
electronic equipment is severely damaged.
10. Extinguishing with Sinorix CDT - recommended for medium-to-large-sized
data centers. Sinorix CDT technology discharges nitrogen and argon into the
flooding zone at constant mass flow throughout the entire flooding time. This
eliminates the peak at the beginning of the discharge and thus lowers the
maximum noise level. In addition, the size of the overpressure flaps can be
reduced by up to 70%.
11. Video surveillance - monitors critical zones such as the entrance area, etc., to
record incidents before and after the event.
12. Access control - provides safe and flexible access authorization, time recording,
and badge issuing.
13. Intrusion detection - detection of unauthorized access. For protection
against flooding, a special flood detector enables the alarm system to detect
water leaks.
14. Extinguishing with Sinorix H2O Gas - In critical applications, uninterrupted
power supply (UPS) systems ensure continuity in case of power cuts. For those
systems representing a thermal risk, Sinorix H2O Gas, based on nitrogen and
water, combines highly efficient nitrogen extinguishing with a cooling water mist.
15. Ex zone devices - to guarantee continuity in case of power failure, a data center
is always connected to an uninterruptible power supply (UPS). In some of these
explosion-hazard areas, such as battery rooms or gas generators, Ex devices
have to be used.
Karen Joyce Felix
Data Center Operations
- This refers to the workflow and processes that are performed within a data center.
It includes computing and non-computing processes that are specific to a data center
facility or data center environment.
Data center operations include all automated and manual processes essential to keep
the data center operational.
For a data center to be effective, it requires strict adherence to its policies, procedures
and plans. These policies, procedures and plans are used for determining who is
granted access to the data center, what access they are granted, determining
which facility-based systems are to be scheduled for maintenance and when, and
determining which actions should be taken during an emergency.
Areas to be covered by these policies:

- Physical access control
- Facility monitoring
- Roles and responsibilities of data center personnel
- Segregation of duties of data center personnel
- Responding to emergencies and disasters
- Facility and equipment maintenance
- Data center capacity planning
- Data center
One example of why documented policies, plans, and procedures are so important
might include a scenario where a generator catches fire while being tested. Without
clear procedures and proper training, we probably would witness employees running
around in the heat of the moment responding in a way that they think is most
appropriate but most likely not working together to solve the problem. With clear
emergency response procedures, the decisions would have been thought out ahead of
time, and employees would not be forced to make decisions in the heat of the moment.
We most likely would witness a more coordinated response.

24. Ensure that physical access control procedures are comprehensive and being
followed by security staff.
Physical access control procedures govern employee and guest access to the data
center facility. If physical access control procedures are incomplete or not enforced
consistently, data center physical access will be compromised.
How
When reviewing physical access control procedures, the auditor should do the
following:
- Ensure that access authorization requirements are clearly defined for both employees
and guests.
- Verify that guest access procedures include restrictions on taking pictures and outline
conduct requirements within the data center.
- Review a sample of both guest access and employee ID authorization requests to
ensure that access control procedures are followed.

25. Review facility monitoring procedures to ensure that alarm conditions are addressed
promptly.
Facility monitoring procedures ensure that all critical alarm conditions are captured and
acted on promptly. They should include a description of the alarm systems that will be
monitored, as well as the steps that are to be taken in the event of all reasonably
foreseeable alarms, including fire, burglar, water, power outage, data circuit outage,
system, and system component alarm conditions. The lack of system monitoring
procedures could result in unnecessary risk to information systems and data center
facilities.
How
When auditing facility monitoring procedures, the auditor should do the following:

- Ensure that all critical systems and facility alarms are defined as "monitored systems"
in the procedure.
- Verify that alarm-condition response is clearly outlined for each type of alarm condition.
The auditor should be able to obtain the actual monitoring procedures as well as
monitoring logs from data center facility management.

Issah Dennise D. Centeno


26. Verify that network, operating system, and application monitoring
provides adequate information to identify potential problems.
System monitoring provides insights into potential problems resulting from capacity
issues, misconfigurations, and system component failures. Inadequate system
monitoring gives rise to the threat of security violations going undetected and system
outages.
When auditing monitoring system procedures, it is important to understand FIRST the
objective of the system. The auditor should understand the criticality of specific system
components and verify that monitoring systems provide near-real-time information to
detect a problem with these system components.
Additionally, the auditor should review monitoring logs and reports to identify instances
where components being monitored exceed predetermined thresholds and then verify
that actions have been taken to remediate the condition.

27. Ensure that roles and responsibilities of data center personnel are clearly
defined.
Proper data center staffing is key to reliable operations because well-defined
employee roles and responsibilities ensure that responsibility and accountability for data
center functions are clear.
The auditor should ensure that all job functions are covered and that responsibilities
associated with job functions are clearly defined, so that data center personnel
know their JOB BOUNDARIES and perform their assigned activities
efficiently, which will result in high-quality work. Data center facility management
should be able to provide job descriptions, including roles and responsibilities.
In order to be fully effective, a Data Center must have the proper number of personnel
that are organized correctly.

28. Verify that duties and job functions of data center personnel are
segregated appropriately.
Key to Data Security

When reviewing the data center's segregation of duties, the auditor should verify that
high-risk job functions, such as access authorization, are segregated across two or
more employees to reduce the risk of fraud or inadvertent errors and to minimize
unauthorized access.
Separation of duties restricts the amount of power or influence held by any individual. It
also ensures that people don't have conflicting responsibilities and are not responsible
for reporting on themselves or their superiors.
2 Primary Objectives
- Prevention of conflict of interest, the appearance of conflict of interest, wrongful acts,
fraud, abuse and errors.
- Detection of control failures that include security breaches, information theft and
circumvention of security controls.

29. Ensure that emergency response procedures address reasonably
anticipated threats.
The auditor should verify that plans are present for all foreseeable threats and ensure
that response procedures are comprehensive and well thought out.
Data Center Personnel need a clear plan to address the condition losses.
Depending on the nature of the disruption, the data center's overall integrity may be
untouched or it could be totally destroyed. So we need emergency response procedures
that are flexible and scalable to address a broad range of disruption scenarios.

Ma. Angelica Dayrit


30. Verify that data center facility-based systems and equipment are
maintained properly.
Prevention is better than cure. Because these are prone to premature failure, which can cause loss of
information and system outages, the auditor should maintain the place at least semi-annually and review
maintenance logs for critical systems and equipment.
31. Ensure that data center personnel are trained properly to perform their job functions.
How? Auditors should review training history schedules during data center audits.
32. Ensure that data center capacity is planned to avoid unnecessary outages.
How? The auditor should review monitoring thresholds and strategies that data center management uses to
determine when facility equipment or network require upgrading.
33. Verify that procedures are present to ensure secure storage and disposal of electronic media.
How?
- E-media must be stored in a dry, temperature-controlled, and secure environment.
- E-media containing sensitive information are encrypted and tracked as they move from one place to another.
- E-media are degaussed, overwritten with a Department of Defense-compliant electric shredding utility, or
physically destroyed prior to disposal.
AUDITING DISASTER RECOVERY (OVERVIEW)
Ana Mia Elegado
DISASTER - a sudden calamitous event bringing great damage, loss or
destruction.
RECOVERY - bring back to normal position or condition
Disaster Recovery Audit
- The process of collecting and evaluating evidence of an organization's information
systems, practices, procedures, operations and governance.
- It focuses on determining risks which are relevant to information assets, and in
assessing controls so as to reduce or mitigate these risks.
IT AUDIT
- The process of collecting and evaluating evidence of an organization's
information systems, practices, procedures, operations and governance.
- It focuses on determining risks which are relevant to information assets, and in
assessing controls so as to reduce or mitigate these risks.

DISASTER RECOVERY AND BUSINESS CONTINUITY AUDITING


- Disaster Recovery (DR) and Business Continuity refer to an organization's
ability to recover from a disaster and/or unexpected event and resume operation.
HOW CAN A COMPANY BENEFIT FROM PERFORMING A DISASTER RECOVERY
AUDIT?
- Audit results can identify areas of the disaster recovery program that are
incomplete, lack suitable procedures, lack suitable documentation, are untested, and
not up to date. Satisfying the audit findings will ensure that the disaster recovery
program, and its various components, are up to date, appropriate for their anticipated
function, and capable of fulfilling the organization's business objectives.
FACTORS THAT SHOULD BE CONSIDERED AS PART OF A DISASTER RECOVERY
AUDIT
1. Disaster recovery policies, mission statement
2. Written disaster recovery plan with continual updating
3. Designated hot site or cold site
4. Ability to recover data and systems
5. Processes for frequent backup of systems and data
6. Tests and drills of disaster procedures
7. Data and system backups stored offsite
8. Appointed disaster recovery committee and chairperson
9. Visibly listed emergency telephone numbers
10. Insurance
11. Procedures allowing effective communication
12. Updated and validated system and operational documentation
13. Emergency procedures
14. Backup of key personnel positions
15. Hardware and software vendor lists
16. Both manual and automated procedures
Minimizing downtime and data loss is measured in terms of two concepts:
1. The Recovery Time Objective (RTO)
- The time within which the business process is restored after a major incident
(MI) has occurred, in order to avoid unacceptable consequences associated with a
break in business continuity
2. The Recovery Point Objective (RPO)
- The age of files that must be recovered from backup storage for normal
operations to resume if a computer, system, or network goes down as a result of
an MI.
- It is expressed backwards in time starting from the instant at which the MI
occurs, and can be specified in seconds, minutes, hours or days.
- Thus, it is the maximum acceptable amount of data loss measured in time
- It is the age of the files or data in backup storage required to resume normal
operations after the MI
THE BUSINESS CONTINUITY PLAN (BCP)
- A comprehensive organizational plan that includes the Disaster Recovery Plan
Benefits that can be obtained from the drafting of a Disaster Recovery Plan
- Providing a sense of security
- Minimizing risks of delays
- Guaranteeing the reliability of standby systems
- Providing a standard for testing the plan
- Minimizing decision-making during a disaster
- Reducing potential legal liabilities
- Lowering unnecessary stressful work environment
TYPES OF DISASTERS
1. NATURAL DISASTERS - a major adverse event resulting from the earth's natural
hazards
2. MAN-MADE DISASTERS - these are the consequence of technological or
human hazards
NATURAL DISASTERS

TEN STEPS IN DEVELOPING A DISASTER RECOVERY PLAN


(Geoffrey H. Wold, Disaster Recovery Journal)
1. Obtaining top management commitment
2. Establishing a planning committee
3. Performing a risk assessment
4. Establishing priorities for processing and operations
5. Determining recovery strategies
6. Collecting data
7. Organizing and documenting a written plan
8. Developing testing criteria and procedures
9. Testing the plan
10. Obtaining plan approval
BUILDING A DISASTER RECOVERY AUDIT PLAN
WAYS TO EASE THE PROCESS:
1. Define the internal audit plan for IT disaster recovery and document the criteria,
scope, method and frequency of audit
2. Ensure that only qualified auditors are appointed
3. Select auditors and conduct the audit to ensure objectivity and impartiality
during the audit process
4. Establish a procedure to ensure that deficiencies identified in an audit are
corrected within an agreed-upon time frame
5. Ensure that audits address internal and external organizations
6. Conduct an internal audit when there are significant changes to critical IT services,
business continuity and/or disaster recovery requirements
7. Have audit results documented and reported to senior management
BUILDING A DISASTER RECOVERY MAINTENANCE PLAN
1. Establish an ongoing plan maintenance schedule of activities
2. You can build your maintenance programs with something as simple as a
spreadsheet
3. Coordinate disaster recovery maintenance activities with existing IT activities
4. Document all maintenance actions, including when (date/time) maintenance was
performed, summary of maintenance activities and approvals as needed
5. Leverage existing internal resources to provide a secure repository for
maintenance activities
6. Generate periodic maintenance reports to management highlighting the status of
maintenance activities and issues that need to be addressed
BUILDING A CONTINUOUS IMPROVEMENT CAPABILITY
Once the disaster recovery project is completed, launch an ongoing process of
continuous improvement
This process has ties to the kaizen philosophy of manufacturing, which
encompasses activities to continually improve all manufacturing function,
involving all workers and all processes
When applied to disaster recovery, continuous improvement ties together the
previously discussed disaster recovery audit and maintenance activities and
leverages the results of both to introduce improvements to the process on an
ongoing basis
As always, secure management authorization when organizing a continuous
improvement programme

Audit of Data Backup and Restore


Shirley Dagdagan
Why?
Because sound backup and restore procedures are critical for
reconstructing systems after a disruptive event.
There are several reasons why it's important to have multiple backup
destinations in multiple locations. It's impossible for a single destination to
always be available without occasional downtime due to maintenance or failure. That
downtime is exactly when trouble will strike, so you need multiple destinations.
This audit absolutely must involve the client because they are the only ones who
truly know the data. Below is the process we use to periodically review backups with
our clients to ensure their data remains safe.
Steps in Auditing Data Backup and Restore
3. Ensure that backup procedures are appropriate for respective systems.
Depending on the maximum tolerable downtime, system backup schedules could be
as frequent as real time or as infrequent as monthly. If systems are backed up less
frequently than required on critical systems, data will be lost in the event of a system
failure.
Maximum tolerable downtime (MTD): the maximum period of time that a given
business process can be inoperative before the organization's survival is at risk.
How?
1. Verify that backup procedures are in alignment with organizational backup practices.
2. Ensure that more critical systems are backed up more frequently.
The auditor also should consider retrieving and reviewing a sample of backup system
logs.
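One way to review a sample of backup logs against the required frequency, as an added example that is not part of the original notes. The log format, the system names and the per-system intervals are assumptions made for illustration; in practice the intervals would be derived from each system's maximum tolerable downtime.

```python
from datetime import datetime, timedelta

# Constructed sample log (hypothetical format: timestamp, system, status).
SAMPLE_LOG = """\
2024-03-01T01:00 payroll-db OK
2024-03-02T01:00 payroll-db OK
2024-03-03T01:00 payroll-db FAILED
2024-03-04T01:00 payroll-db OK
2024-03-01T02:00 file-share OK
2024-03-08T02:00 file-share OK
"""

# Assumed policy: longest tolerated interval between successful backups.
# The more critical system gets the shorter interval.
REQUIRED_INTERVAL = {
    "payroll-db": timedelta(days=1),
    "file-share": timedelta(days=7),
    "mail-archive": timedelta(days=30),
}

def find_backup_gaps(log_text, policy):
    """Return (system, last_good, next_good) for each interval over policy.

    A system in the policy with no successful backup in the sample is
    reported as (system, None, None).
    """
    good = {}
    for line in log_text.splitlines():
        stamp, system, status = line.split()
        if status == "OK":  # a failed job protects no data
            good.setdefault(system, []).append(datetime.fromisoformat(stamp))
    findings = []
    for system, limit in policy.items():
        times = sorted(good.get(system, []))
        if not times:
            findings.append((system, None, None))
        for prev, nxt in zip(times, times[1:]):
            if nxt - prev > limit:
                findings.append((system, prev, nxt))
    return findings

if __name__ == "__main__":
    for finding in find_backup_gaps(SAMPLE_LOG, REQUIRED_INTERVAL):
        print(finding)
```

The failed payroll-db job on 3 March leaves a two-day window between good backups, which exceeds its one-day interval, and mail-archive is flagged because the sample holds no successful backup for it at all.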
Types of backup operation
Full backups
This type of backup makes a copy of all data to another set of media, which can be
tape, disk or a DVD or CD.
Incremental backups
Copies only the data that has changed since the last backup operation of any type.
Differential backups
Similar to an incremental backup the first time it is performed, in that it copies all
data changed since the previous backup. However, each time it is run afterwards, it
continues to copy all data changed since the previous full backup.
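The three backup types compared on the same four nights, as an added example that is not part of the original notes. The file names, the change pattern and the function names are constructed for illustration; the example also goes one step beyond the definitions by listing which backups a restore needs.

```python
def simulate(schedule, changes, all_files):
    """Return the set of files each night's backup copies.

    schedule:  backup type per night ("full", "incremental", "differential")
    changes:   set of files modified during each day (constructed input)
    all_files: every file on the system
    """
    since_any, since_full = set(), set()
    copied = []
    for kind, changed in zip(schedule, changes):
        since_any |= changed    # modified since the last backup of any type
        since_full |= changed   # modified since the last full backup
        if kind == "full":
            copied.append(set(all_files))
            since_full = set()
        elif kind == "incremental":
            copied.append(set(since_any))
        elif kind == "differential":
            copied.append(set(since_full))
        else:
            raise ValueError(f"unknown backup type: {kind}")
        since_any = set()
    return copied

def restore_chain(schedule, night):
    """Indexes of the backups needed to rebuild the system as of `night`."""
    fulls = [i for i in range(night + 1) if schedule[i] == "full"]
    if not fulls:
        raise ValueError("no full backup to start the restore from")
    full = fulls[-1]
    diffs = [i for i in range(full + 1, night + 1)
             if schedule[i] == "differential"]
    start = diffs[-1] if diffs else full
    incs = [i for i in range(start + 1, night + 1)
            if schedule[i] == "incremental"]
    return [full] + diffs[-1:] + incs

# Constructed week: file names and change pattern are illustrative only.
FILES = {"a", "b", "c", "d"}
CHANGES = [set(), {"a"}, {"b"}, {"a", "c"}]
INCREMENTAL_WEEK = ["full", "incremental", "incremental", "incremental"]
DIFFERENTIAL_WEEK = ["full", "differential", "differential", "differential"]

if __name__ == "__main__":
    for week in (INCREMENTAL_WEEK, DIFFERENTIAL_WEEK):
        print(week[1], simulate(week, CHANGES, FILES), restore_chain(week, 3))
```

The incremental schedule copies less each night but needs every backup since the full one to restore, so one unreadable medium breaks the chain; the differential schedule copies more each night but needs only the full backup and the latest differential.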
4. Verify that systems can be restored from backup media.
Test media to ensure that system restore works properly.
How?
The auditor should ask a system administrator to order backup media from off-site
storage facilities and observe the restoration of data from the media to a test server.
The auditor then should review the restore logs to verify that all files were restored.
5. Ensure that backup media can be retrieved promptly from off-site storage
facilities.
Often, backup media cannot be retrieved from off-site storage facilities. This is due to
backup media being marked improperly or placed in the wrong location.
Prompt retrieval is needed to avoid undue delay in restoring systems or a complete
loss of data.

How?
The auditor should verify that backup media can be retrieved within the time frames
set forth in the service-level agreement with the off-site storage vendor.
Disaster Recovery Planning
Alford Sery A. Cammayo
A documented process or set of procedures to recover and protect a business IT
infrastructure in the event of a disaster
It is a comprehensive statement of consistent actions to be taken before, after
and during a disaster.
The disaster could be natural, environmental or man-made.
Objectives:
1. To minimize downtime and data loss
2. To protect the organization in the event that all or part of its operations and/or
services are rendered unusable
3. To minimize the disruption of operations and ensure that some level of
organizational stability and an orderly recovery after a disaster will prevail

6. Ensure that a disaster recovery plan exists and is comprehensive and that
key employees are aware of their roles in the event of a disaster.
How
Auditing disaster recovery plans can be difficult because of the complexity of
successfully recovering data center operations. In auditing disaster recovery plans, the
auditor should do the following:
1. Ensure that a disaster recovery plan exists.
2. Verify that the disaster recovery plan covers all systems and operational areas.
3. Review the last data center threat assessment to verify that the disaster
recovery plan is still relevant and addresses the current risk to the data center.
4. Ensure that disaster recovery roles and responsibilities are clearly defined.
5. Verify that salvage, recovery, and reconstitution procedures are addressed.
6. Ensure that the emergency operations center has appropriate supplies,
computers, and telecommunications connectivity.
7. Ensure that emergency communications are addressed in the plan.
8. Review the findings of the last disaster recovery exercise.

7. Ensure that disaster recovery plans are updated and tested regularly.
How
When auditing disaster recovery plans, the auditor should review the update or version
history that usually is included in the front of the plan. Plans should be updated at least
annually. Likewise, the auditor should review disaster recovery test documentation to
verify that tests are performed at least annually. This information usually accompanies
the plan in either electronic or paper form.

8. Verify that parts inventories and vendor agreements are accurate and
current.
How
The auditor should review both parts inventories and vendor agreements to ensure that
both are current for existing systems. Vendor agreements should accompany the
disaster recovery plan. Part inventories can be obtained from asset management or
system personnel.

9. Ensure that emergency operations plans address various disaster scenarios
adequately.
How
The auditor should verify that any reasonably anticipated scenario is covered by
emergency operations plans and that plans accurately reflect specific needs relating to
each scenario. This analysis can be performed by interviewing disaster recovery
planners or simply by reviewing emergency operations plans.
