Control Intelligence

Data Backup & Disaster Recovery

Backup scheduling, restoration testing, and DR plan for financial systems and data.

Sub-Process Score
74/ 100
Adequate
8/10 responses received
View AI AnalysisBack

Control Objectives (2)

IT-BR-01
COSO P11ICFR.ITGC.BR.01IIA IV.10.2
Financial system data is backed up per a documented retention policy and tested quarterly.
Risk: Data loss without tested backups may be unrecoverable.
Assessment Questions (3)
  • 01Backup policy specifying RPO/RTO for in-scope systems is documented.Document
  • 02Backup restoration is tested at least quarterly.
  • 03Off-site or immutable backup copies are maintained.
IT-BR-02
COSO P11ICFR.ITGC.BR.02IIA IV.10.2
Disaster recovery plan is documented, tested annually, and covers all in-scope financial systems.
Risk: Extended outage without DR plan halts financial processing.
Assessment Questions (3)
  • 01DR plan is documented and approved by IT leadership.Document
  • 02DR test is conducted at least annually with documented results.
  • 03DR test findings are remediated on a tracked timeline.