Disaster Recovery: The ability of an organization to respond to a disaster or an interruption in services by implementing a disaster recovery plan to stabilize and restore the organization's critical functions immediately after a disaster.
Disaster Recovery Plan: The management approved document that defines the resources, actions, tasks and data required to manage the technology recovery effort.
Missouri State University shall have a formal disaster recovery plan for core centralized information systems. It will be based on risk assessments of critical elements of the infrastructure, as specified in the Risk Assessment and Management Policy, in order to effectively prepare and respond to a crisis or disaster that may fully or partially disable the University's information systems. The plan will provide for the confidentiality, integrity, and availability of the University's data. The disaster recovery plan will be reviewed and tested by the Information Security Unit of Computer Services periodically.
Each department with separate information technology systems is responsible for developing and maintaining their own disaster recovery plan in consultation with the Information Security Unit of Computer Services.
The required core services disaster recovery plan for Missouri State University will address the following events:
Disaster recovery services are crucial to the continued operation of the business of the University in the event of a disaster causing disruption of University information systems. A disaster recovery plan is required by the Payment Card Industry – Data Security Standards (PCI-DSS) and the Health Insurance Portability and Accountability Act (HIPAA).
All entities contained in or under the direction of the Missouri State University system.