POLICY TITLE: Backup and Recovery Policy
POLICY #: IT - 17
DATE DRAFTED: 12/30/02
DATE POSTED for Review: 05/06/03    
APPROVED DATE: 11/02/05
REVISION DATE: 10/28/05, 02/12/13
BRIEF DESCRIPTION: Minimum requirements for the creation and retention of computer data backups.

Introduction | Scope | Policy Statement | Related Policies | Policy Home

Introduction:
All electronic information which is a "UI record" as defined in the University Operations Manual Chapter 17.3 Records Management Program (hereafter referred as UI records for the purpose of this policy) must be copied onto secure storage media on a regular basis (i.e., backed up), for the purpose of disaster recovery and business resumption. This policy outlines the minimum requirements for the creation and retention of backups. Special backup needs which exceed these minimum requirements, should be accommodated on an individual basis.

Scope:
Data custodians are responsible for providing adequate backups to ensure the recovery of electronic information (includes UI Records and software) in the event of failure. These backup provisions will allow University business processes, including the research enterprise to be resumed in a reasonable amount of time with minimal loss of data. Since failures can take many forms, and may occur over time, multiple generations of backups should be maintained.
Federal and state regulations pertaining to the long-term retention of information (e.g., financial records) will be met using separate archive policy and procedures, as determined by the Business Owner of the information, and in accord with the Records Management Program. Long-term archive requirements are beyond the scope of this policy.

Policy Statement:

Related Policies, References and Attachments:
University Operations Manual, Records Management Program (Chapter 17.3)
Roles and Responsibilities for Information Security
Institutional Data Access Policy
How to register your system(s) in the Uiowa System Registry (USR)
Disaster Recovery and Business Continuity Planning

This collection of University of Iowa Information Technology policies and procedures contain acceptable use, security, networking, administrative, and academic policies that have been developed to supplement and clarify University of Iowa policy.

They are incorporated into the University of Operations Manual (http://www.uiowa.edu/~our/opmanual/index.html) by reference, per the Policy on Acceptable Use of Information Technology Resources (http://www.uiowa.edu/~our/opmanual/ii/19.htm)

Appendix A:  Approved Facilities and Services:
Off Site Storage Facilities: Advantage Records Management & Storage (any UI system) (http://www.advantagerms.com)
Desktop Backup Services: Departmental File Servers Connected (Iron Mountain, Inc.)