Backup and Disaster Recovery

Potential disasters could be any major loss of data, due to hardware, software or personnel failure. They could also be in the form of a natural disaster.

Table of Contents

Governing UH Policy

IT Practices and Guidelines

Governing UH Policy

Manual of Administrative Policies and Procedures (MAPP):

Computer User Responsibilities


MAPP Policy: 10.03.01
SECTION: Information Technology
AREA: User Guidelines and Responsibilities; Security
SUBSECTION: IV (Security Responsibilities)

Computer and Network Security

MAPP Policy: 10.03.02
SECTION: Information Technology
AREA: User Guidelines and Responsibilities; Security
SUBSECTION: IV (Security Responsibilities)

University of Houston System, System Administrative Memoranda (SAM):

Risk Management Policy

SAM Number: 01.C.01
SECTION: General Administration
AREA: Risk Management

UH Emergency Management Manual

Emergency Management Plan (PDF, 167 KB)


IT Practices and Guidelines

A. Risk Assessment
Risk management is an evaluation of the adequacy of management controls in assuring the integrity, accuracy, and availability of college and division services. This is primarily a business decision, not constrained by an IT focus, evaluating the risk of inaction versus the cost of action to reduce risks, (real or perceived). Risk management enables sound judgment when taking risks and affords a level of contingency planning should a risk become a reality.

Understanding risks to university assets is the starting point of a risk management process. Once the risks are understood, sound decisions on whether to accept, mitigate, or transfer those risks can be made. Therefore risk management can be defined as a systematic process for identification, analysis, control, and communication of risks and is integrated into the normal business processes of the college or division.

This process entails identifying business assets, their associated value, their associated vulnerabilities, and the ability of the organization to anticipate and act on exposures that significantly impact the organization.

B. Business Continuity/Disaster Recovery
Each College and Division should have a Business Continuity plan based on the following criteria:

C. Data Integrity/Backup and Recovery
Backups of all College and Division-critical data should be made at least once per working day.

The backup regimen should meet the following criteria: