Link to home
Start Free TrialLog in
Avatar of jdc1944
jdc1944Flag for United Kingdom of Great Britain and Northern Ireland

asked on

Backup Policy and Documenting Servers

I am currently undertaking a review of our documentation around our corporate backups.

My concern at the moment is that not enough information is documented but I cannot seem to find much information about what a backup policy should document.  
Currently our policy details the following:
What media servers are used
Who is responsible for the backup media
Tape changes - When tapes are exported and imported to the tape libraries
Details on how weekly check sheets are used to document successful, error'd or failed backups.
Details on the backup failure log

Is there anything fundamentally missing from this document, it seems a bit empty to me?

Another problem I have encountered is trying to find out exactly what is being backed up and when.  
I was able to get a list of all our servers from CMDB and a copy of one of the check sheets.  The check sheets show which media is responsible for each backup job.  However, I then had to get another list to show which which servers were getting backed up as part of which backup job.  
This started to get confusing and even more so when the lists didn't match up and it took an investigation from IT to determine exactly what was being backed up and when.  This identified several servers not being backup up at all.
My question relating to this part is, how should this be documented, is this kind of information documented explicitly by most other businesses?  
When I started this process I expected the backup policy document to list all media servers, which media servers were responsible for which backup jobs and which servers were being backed up by each backup job - all neatly documented.
SOLUTION
Avatar of David Johnson, CD
David Johnson, CD
Flag of Canada image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of jdc1944

ASKER

Thanks for that.  this information I thought might be mising form the backup policy was:

·        Tape Cleaning.
·        Back-up Device Management.
·        Responsibilities.
·        Media Management.
·        Back-up Checks.
·        Destruction Procedures.
·        Retention Policy.
·        Systems Information.
·        Back-up Schedule.

Is the above normally found in a backup policy?
Also, like the original questions states, I'm still struglleing to find whether the back-up schedule should be documented somewhere, I thought it should be but is this common practice?
i agree with you about backup schedule.
If you don't have it documented, how do you know if you're doing what is needed and expected?   I ran into a client recently where 30 days of logs showed no full backups in that period.  This was unexpected, and very dangerous...  So yes, document!