Federal Electricity & Water Authority (FEWA) -

Ajman
Information Security Management System

Backup Policy
Version 1.6

Approved by:
Abdulltatif Galadari <date of approval>
Information Technology Director
Document review and approval
Revision history
Version Author Date Revision
th
1.0 Abhinav Srinivasaraghavan 5 April 2015 Document Created
1.1 Abhinav Srinivasaraghavan 22nd April 2015 Revised
1.2 Naushad Rajani 28th April 2015 Reviewed
Final
1.3 Abhinav Srinivasaraghavan 28th April 2015
1.4 Mustafa Azizi / Mohamed Sheriff 8th-May-2016 Review and comment
1.5 Huda Al Hammadi 8th- May-2016 Final Review
1.6 Huda Al Hammadi 7th Aug 2016 Added the user responsibilities

This document has been approved by

Version Name Signature Date reviewed
th
1.5 Abdulltatif Galadari (IT Director) 16 - June-2016
1.6 Abdulltatif Galadari (IT Director) 11th-August-2016

FEWA Internal
Page 2 of 5 Version 1.6
Contents
1 PURPOSE ...................................................................................................................................... 4
2 SCOPE ........................................................................................................................................... 4
3 DEFINITIONS & ABBREVIATIONS ................................................................................................... 4
4 ROLES AND RESPONSIBILITIES ...................................................................................................... 4
5 BACKUP POLICIES.......................................................................................................................... 4
5.1 GENERAL ........................................................................................................................................... 5
5.2 MICROSOFT EXCHANGE AND ACTIVE DIRECTORY BACKUP STRATEGY ............... ERROR! BOOKMARK NOT DEFINED.
5.3 SAP BACKUP STRATEGY ......................................................................... ERROR! BOOKMARK NOT DEFINED.
5.4 GIS BACKUP STRATEGY .......................................................................... ERROR! BOOKMARK NOT DEFINED.
5.5 LEGACY BILLING SYSTEM BACKUP STRATEGY............................................... ERROR! BOOKMARK NOT DEFINED.
5.6 CONTACT CENTER BACKUP STRATEGY ....................................................... ERROR! BOOKMARK NOT DEFINED.
6 COMPLIANCE ................................................................................................................................ 5
7 RELATED DOCUMENTS .................................................................................................................. 5

FEWA Internal
Page 3 of 5 Version 1.6
1 Purpose
The purpose of this policy is to provide guidance to all FEWA employees on the best backup
strategy for SAP, GIS, Microsoft Exchange and Active Directory, Contact Center, file server
and legacy Billing System. This policy ensures that that the backup strategy is designed in a
manner to minimize any loss of data and its impact to business.

2 Scope
This policy applies to those FEWA backup admins and vendors incharged for FEWA managed
services.

3 Definitions & Abbreviations

Term Definition
ISMS Information Security Management System
CISO Chief Information Security Officer
A copy of a file or other item of data made in case the
Backup
original is lost or damaged.

4 Roles and Responsibilities

Role Responsibilities
Ensure the complete implementation and enforcement of this
CISO
policy on FEWA IT department employees
FEWA backup admins Comply with this policy
vendor incharged for
FEWA managed Comply with this policy
services
All users are responsible to read, understand and adhere to this

Users/Employees policy in their day to day activities.

5 Backup Policies
The backup policies have been segregated according to each enterprise level application as
follows:

FEWA Internal
Page 4 of 5 Version 1.6
5.1 General

A schedule for backup must be clearly defined and documented and must include
the day and time of backup.
A backup must include database, data files, archive log files and configuration files.
Backup media must be shipped though an identified courier services or authorized
staff and shall be stored in a fire proof safe at the offsite location at Al Zawhra. A
record shall be mainted for the tape movement and preodically reviewed.
Backup should be automated or manual, based on business requirement.
All enterprise applications must have an onsite backup media for fast recovery and
should be stored a securely
The backup methodology may be reviewed on a yearly basis or when its required
to adapt the technology changes.
Backup restoration testing must be performed on a All users are responsible to read,
understand and adhere to this policy in their day to day activities., according to a
predefined and documented schedule for each enterprise level application and a record
should be mainted for the restoration test
Special backups may be performed on need basis which shall include long
retention periods ,such as system upgrades and major projects.

6 Compliance
All FEWA backup admins and vendors incharged for FEWA managed services are requested
to comply with this policy. In case of breach/violation, the user would be subjected to
disciplinary action. Violations shall be notified to the CISO. Strict confidentiality shall be
maintained on all notified violations.

7 Related Documents
FEWA_ISMS_Operations Security Policy
FEWA_ISMS_Backup and Restoration Procedure

FEWA Internal
Page 5 of 5 Version 1.6