Initial commit
This commit is contained in:
Paul Jenkins
83
03-procedures/backup-testing-procedure.md
Normal file
83
03-procedures/backup-testing-procedure.md
Normal file
@@ -0,0 +1,83 @@
|
||||
Title: Backup Testing Procedure
|
||||
Document ID: [PROC-BACKUP-TEST-001]
|
||||
Version: 0.1 Draft
|
||||
Status: Draft
|
||||
Owner: CISO (Paul Jenkins)
|
||||
Approver: CISO (Paul Jenkins)
|
||||
Classification: Internal
|
||||
Effective date: [DD Month YYYY]
|
||||
Review date: [DD Month YYYY]
|
||||
|
||||
# Backup Testing Procedure
|
||||
|
||||
## Purpose
|
||||
|
||||
This procedure defines how BlackDice should test backup restoration capability and record the results.
|
||||
|
||||
## Scope
|
||||
|
||||
This procedure applies to in-scope systems, services, data sets, configurations, and other assets where backup and restoration capability is required.
|
||||
|
||||
## Trigger / When Used
|
||||
|
||||
Use this procedure:
|
||||
|
||||
- at planned backup test intervals
|
||||
- after material changes to backup design or protected assets
|
||||
- after backup-related incidents or failures
|
||||
- when assurance evidence is required
|
||||
|
||||
## Procedure Steps
|
||||
|
||||
1. Select the system, data set, or recovery scenario to test based on criticality and test plan.
|
||||
2. Confirm the expected restore objective, test scope, data sensitivity, and success criteria.
|
||||
3. Perform the backup restoration test in an approved and controlled manner.
|
||||
4. Validate that the restored data, configuration, or service state is complete, usable, and consistent with the test objective.
|
||||
5. Record the outcome, timing, issues encountered, and whether objectives were met.
|
||||
6. Raise remediation actions for failures, gaps, or unacceptable delays.
|
||||
7. Review results with the relevant owner and agree follow-up actions.
|
||||
8. Retain test evidence for assurance and audit purposes.
|
||||
|
||||
## Inputs
|
||||
|
||||
- backup test schedule or request
|
||||
- protected asset information
|
||||
- restoration instructions or runbooks
|
||||
- success criteria
|
||||
|
||||
## Outputs / Records
|
||||
|
||||
- backup test record
|
||||
- restoration evidence
|
||||
- identified issues and follow-up actions
|
||||
- updated recovery assurance status
|
||||
|
||||
## Roles and Responsibilities
|
||||
|
||||
- [Role] must coordinate the backup test programme or oversight.
|
||||
- System owners must confirm recovery requirements and review outcomes.
|
||||
- Operational teams must perform restoration testing and record results.
|
||||
|
||||
## Escalation / Exceptions
|
||||
|
||||
Escalate where:
|
||||
|
||||
- a test fails or cannot be completed
|
||||
- recovery objectives are not met
|
||||
- backup coverage is incomplete
|
||||
- sensitive data handling during testing creates additional risk
|
||||
|
||||
Exceptions to planned testing must be documented and approved.
|
||||
|
||||
## Related Documents
|
||||
|
||||
- Backup and Recovery Policy
|
||||
- Business Continuity and Disaster Recovery Policy
|
||||
- Disaster Recovery Testing Procedure
|
||||
- Corrective Action Procedure
|
||||
|
||||
## Version Control
|
||||
|
||||
| Version | Date | Description of Change | Author |
|
||||
| --- | --- | --- | --- |
|
||||
| 0.1 Draft | [DD Month YYYY] | Initial draft. | [Name or Role] |
|
||||
Reference in New Issue
Block a user