Business Continuity
Offsite Disaster Recovery


 Control Point Ref #: ofconaab

A formalized offsite agreement is in place which identifies the
offsite center's availability and responsibilities of both

Audit Steps
Determine if the agreement addresses the following critical

o guarantees of availability

o timeframes of the offsite processing center's availability
when an offsite contingency situation arises

o processing windows allocated to the data center to run
their application on a given day (if applicable)

o notification for change in hardware environment of the
offsite processing facility

F1 - Info Screen Ref #: ofconaab
In order to ensure the availability of the offsite processing
center, a formal agreement needs to be in place. The offsite
agreement will in most cases be very similar for the three types
of offsite facility scenarios:

o reciprocal agreement with offsite processing center
o one way agreement with offsite processing center
o Vendor provided alternate processing site

When a vendor provides offsite processing for multiple companies,
the priority of your center must be established since some
disasters (e.g., power failure) may effect an entire area that
the offsite facility provides processing for.

Control Point Ref #: ofconaad

An analysis has been performed to ensure that the vendor offsite
processing system is compatible

Audit Steps
1) Ensure that an analysis has been performed to determine if
the equipment used at the offsite processing facility meets
the requirements of your installation.

1.1) Review the inventory list of equipment used at the onsite
and offsite facility and determine the differences in
equipment type which includes:

o printers
o telecommunication connections
o controllers (e.g., front-end communication
controllers, DASD controller)

1.2) For any differences identified, obtain an explanation of
how it is compatible with your system requirements or how
your installation can alter its own processing to make it
compatible with the system and operating environment of the
offsite processing center.

2) Determine if a sufficient amount of system resources (e.g.,
DASD and memory) are available to perform offsite processing
or if an analysis has been performed to determine the level
of degradation that it is expected or alternate processing
steps required to meet the needs of the business that the
system supports.
F1 - Info Screen Ref #: ofconaad
In order to determine if an offsite storage facility meets the
requirements of your installation, an analysis needs to be
performed to identify their differences. When there are
differences, an action plan must be in place to identify how
processing will be changed to meet the hardware and system
environment provided at the offsite processing center.

Differences in the hardware components can adversely effect the
manner in which your installation processes at the offsite
processing facility. For instance, if DASD at the offsite
processing facility has less storage, then your installation has
to adjust its contingency plan of the applications that will be
restored. The same scenario exits with the front end processor.
For example, if the offsite processing facility has a 3725 and
your installation uses a 3745, their will be less connections for
your installation to work with. In some cases the differences,
will prevent the use of the offsite processing facility. For
example, incompatible tape drives would prevent the use of the
offsite processing facility.

Audit Step Info
If your center has performed an offsite contingency test or had
to use the facility for an actual offsite contingency, then your
compliance test to determine their compatibility would not need
to be performed.

The following audit steps are used for determining how specific
hardware and system resources are being handled at the offsite
processing facility:

1) Determine if the telecommunications needs of the users have
been addressed at the offsite processing center

1.1) Determine how access via leased lines are being handled at
the offsite facility

Determine the leased lines that are used by your processing
and who the users are.

Determine if leased lines will be switched to the alternate
site when a disaster occurs or if access to the system will
be performed through an alternate means. If the lines will
be switched, determine if a controller switch is used to
switch the lines to the offsite processing center or if
arrangements have been made with the service company or
phone company to reroute the lines.

Determine if the service company that will switch the line
has committed to the timeframes required.

1.2) Determine how access via switch lines are being handled at
the offsite facility.

1.3) Determine the number of dial-up lines that are used by your
installation and compare it to the number offsite and
verify if it is sufficient to support the access needs of
the users.

2) Determine if a memory analysis has been performed to
determine if the same amount or additional memory is

If less memory is available at the offsite processing site,
determine if the total memory required to process
applications which are being supported at the offsite
processing center is analyzed to determine its impact.

3) Determine if DASD space that is available at the offsite
processing has been analyzed to determine if it is
sufficient to support the storage requirements of the
operating system, system software, and applications being

Control Point Ref #: ofconaaf

An offsite Contingency Plan is in place which will enable the
business to be maintained in the event of a disaster

Audit Steps
1) Determine if the Contingency Plan contains the information
necessary to initiate the plan.

1.1) Determine if the Contingency Plan addresses the conditions
which would necessitate the transfer of operations to the
offsite processing facility.

1.2) Determine if the responsibility has been delegated to
individuals or jobs functions that are responsible for
initiating the contingency plan which includes the

o retrieving or arrange delivery of the tapes from the
offsite storage facility

o calling all appropriate individuals from the contact list
and vendors (e.g., perform necessary switching to enable the
offsite processing center, couriers for report distribution
and tape delivery)

1.3) Determine if a contact list is established with home numbers
of the individuals that need to be contacted (e.g., system,
application, operations, management)

2) Determine if the necessary arrangements have been planned
for running the business from the offsite processing
facility which includes:

o transportation for individuals who need to be at the
offsite processing facility

o hotel arrangements for personnel

3) Ensure that a process is in place to determine whether all
data has been loaded on to the offsite processing system.

3.1) Determine if selected data sets will be restored or if the
entire system will be restored (i.e., full volume restores).

If selected datasets will be restored, ensure that there is
a list maintained of those data sets that should be restored
which will be used to compare to a list taken after the
selected data sets are restored.

4) Ensure that a step-by-step approach is documented to
determine how to load the offsite processing system.

5) Determine if all of the documentation (i.e., run manuals,
technical manuals) is stored at the offsite facility or
arrangements made for their delivery from an offsite storage
F1 - Info Screen Ref #: ofconaaf
Having an overall plan to initiate the plan and restore the
system at the offsite processing location is required to ensure a
smooth transfer of operations. When developing a contingency
plan it always must be assumed that no materials can be retrieved
from the existing processing environment.

Audit Step Info
All contingency situations that require the transfer of
operations to the offsite processing facility is not necessarily
based on a fire to your existing processing facility. Depending
on the timeframes that are required to restore the business, a
partial loss of your existing processing environment may require
the transfer of operations to the offsite processing center. The
partial loss of each type of equipment that would necessitate the
transfer of operations should outlined in the plan for initiating
the offsite contingency plan. For example, the loss of the CPU
or Air conditioning unit for more than 24 hours may require the
transfer of operations.

Control Point Ref #: ofconaag

The offsite Contingency Plan is tested to ensure that it will
function in a real contingency situation

Audit Steps
1) Determine if the contingency plan is test once a year or
within the timeframes that is required by your installation.

2) Ensure that the contingency test plan is comprehensive
enough to prove that the business can be supported at the
offsite processing facility.

2.1) Ensure that all phases of processing is performed which

o loading of the operating system and performing an IPL

o loading all applications that are being provided support for
offsite processing

o testing the online facilities through all
telecommunication sources

o sample selection of online transaction processing is

o the entire batch process which includes the printing of all
reports at the contingency specified locations

2.2) Ensure that all applications are reconciled to ensure
accurate results.

2.3) Ensure that other system interfaces are tested and tapes
produced for other centers who receive tapes.

3) Ensure that the offsite contingency test uses back-up files
from the offsite storage location.

4) Ensure that statistics are maintained from the point that
the test begins from the loading of the operating system
till the completion of the days work in order to determine
amount of time it takes to recover from an offsite
contingency and the time frames required to perform a days
worth of work.

5) Ensure that representatives from the various job functions
that support the business participate in the test.

6) Ensure that individuals from each job function that
participate in the test are rotated to ensure that
individuals are trained in how to operate in a disaster.

6.1) Review the test participants list from a sample of tests to
ensure that individuals are rotated.
F1 - Info Screen Ref #: ofconaag
A contingency test is required to ensure that the offsite
processing facility can actually support the processing
requirements of the business that your site supports. In
addition, performing a contingency test ensures that the
contingency plan addresses all of the requirement for processing
your system at the offsite processing facility.

Audit Step Info
Many contingency tests are divided into multiple contingency
tests to provide assurance that the entire contingency plan
works. This approach should be avoided since only a full test
would provide the information required to determine how a
business is affected by an offsite contingency situation.

The level of application testing that is required during an
offsite contingency test is viewed differently based on the
following issues:

o Is there assurance that the offsite media storage area
contains the most current production version of the system
and application software which includes the level of control
that your installation has on performing backups?

o Is the hardware environment the same as the current
processing environment? If no, then the initial test of the
offsite processing environment would require more extensive
testing since the device configuration is different or the
level of capacity may not be able to sustain the processing
load contained within your applications.

o The complexity of the telecommunications environment will
drive the level of testing required.

The method that is used to ensure that sufficient level of
testing was performed to gain assurance that the offsite
processing center can sustain the business is via user signoffs.
However, the auditor should conduct their own review which
includes the following:

o Review the listing of jobs that were executed from the
scheduling system to ensure that all of the batch jobs were
successfully run. A comparison should also be performed to
the job schedule from the onsite processing center to ensure
that all jobs were run.

o The transaction log (i.e., assuming that it is provided by
your application) should be reviewed to determine if
transactions tested are a fair representation of the
transactions normally executed by each application.
Copyright 1991 - 2009, Audit Serve, Inc. All rights reserved. All Audit
Programs are copyrighted and may not be posted electronically or
redistributed unless written permission is granted by Audit Serve, Inc.
The Audit Programs may be used for internal use within organizations.
Audit Programs may not be resold.

AuditNet - The Global Resource for Auditors

Audit Vision

Since 1991
Join 3,500 other subscribers



Free Audit Serve Seminars Posted Online

25 minute extract from the seminar entitled "Alternate Control Design Approaches for z/OS" presented by Mitch Levine in London (at the Churchill War Rooms) March, 2018 which would be of interest to IT Audit, Security and GRC personnel

General Data Protection Regulation Seminar

Copyright © 2015. All Rights Reserved.