You are here :: home > knowledge network > FND-OCEG Foundation "Red Book" v1 > P-Process > I-Information & Communication > I1-Information & Records Management > I1.3 Define Information Availability, Integrity & Recovery
I1.3 DEFINE INFORMATION AVAILABILITY, INTEGRITY & RECOVERY
Develop procedures that define how data and records will be backed up and maintained to support defined retention, operating and disaster-recovery objectives.


The entity should develop procedures that define how the integrity of information will be addressed. Risks associated with the unauthorized alteration or destruction of data via electronic means are minimized via these procedures.
Core Practices
    I1.3.101
  • Determine off-site media storage and media rotation requirements
    I1.3.102
  • Define information back-up schedules (source, frequency)
    I1.3.103
  • Ensure recovered sensitive business data is requested by authorized individuals
    I1.3.104
  • Determine virus protection mechanisms for the network and application environments
    I1.3.105
  • Define a process for authorization and testing of system updates (patches, software upgrades, configuration changes)
Additional Practices
    I1.3.201
  • Regularly test the restoration of data from back-up storage media
    I1.3.202
  • Develop and practise a disaster recovery plan, including third-party service agreements
    I1.3.203
  • Develop a business continuity plan
    I1.3.204
  • Develop an information system vulnerability management plan
GUIDELINE DETAILS
Actions: Download<br />Download
Legend:
Source / Reference
Resource
Domain Supplement