Contingency planning guide for federal information systems



Description and Authority Services (DAS) Security Categorization: LowInformation System Contingency Plan (ISCP)Date: April 15, 2020Version #: 3.0Prepared byNational Archives and Records Administration8601 Adelphi RoadCollege Park, MD 20740Table of Contents TOC \o "1-3" \h \z \u Plan Approval PAGEREF _Toc8896643 \h 11.0Introduction PAGEREF _Toc8896644 \h 21.1Background PAGEREF _Toc8896645 \h 21.2Scope PAGEREF _Toc8896646 \h 21.3Assumptions PAGEREF _Toc8896647 \h 22.0Concept of Operations PAGEREF _Toc8896648 \h 32.1System Description PAGEREF _Toc8896649 \h 32.2Overview of Three Phases PAGEREF _Toc8896650 \h 42.3Roles and Responsibilities PAGEREF _Toc8896651 \h 43.0Activation and Notification PAGEREF _Toc8896652 \h 53.1Activation Criteria and Procedure PAGEREF _Toc8896653 \h 53.2Notification PAGEREF _Toc8896654 \h 63.3Outage Assessment PAGEREF _Toc8896655 \h 74.0Recovery PAGEREF _Toc8896656 \h 74.1Sequence of Recovery Activities PAGEREF _Toc8896657 \h 74.2Recovery Procedures PAGEREF _Toc8896658 \h 84.3Recovery Escalation Notices/Awareness PAGEREF _Toc8896659 \h 85.0Reconstitution PAGEREF _Toc8896660 \h 85.1Validation Data Testing PAGEREF _Toc8896661 \h 85.2Validation Functionality Testing PAGEREF _Toc8896662 \h 85.3Recovery Declaration PAGEREF _Toc8896663 \h 85.4Notifications (users) PAGEREF _Toc8896664 \h 95.5Cleanup PAGEREF _Toc8896665 \h 95.6Data Backup PAGEREF _Toc8896666 \h 95.7Event Documentation PAGEREF _Toc8896667 \h 95.8Deactivation PAGEREF _Toc8896668 \h 9APPENDIX A: PERSONNEL CONTACT LIST PAGEREF _Toc8896669 \h 11APPENDIX B: VENDOR CONTACT LIST PAGEREF _Toc8896670 \h 12APPENDIX C: DETAILED RECOVERY PROCEDURES PAGEREF _Toc8896671 \h 13APPENDIX D: ALTERNATE PROCESSING PROCEDURES PAGEREF _Toc8896672 \h 14APPENDIX E: SYSTEM VALIDATION TEST PLAN PAGEREF _Toc8896673 \h 15APPENDIX F: DIAGRAMS (SYSTEM AND INPUT/OUTPUT) PAGEREF _Toc8896674 \h 16APPENDIX G: HARDWARE AND SOFTWARE INVENTORY PAGEREF _Toc8896675 \h 17APPENDIX H: INTERCONNECTIONS TABLE PAGEREF _Toc8896676 \h 18APPENDIX I: TEST AND MAINTENANCE SCHEDULE PAGEREF _Toc8896677 \h 19APPENDIX J: ASSOCIATED PLANS AND PROCEDURES PAGEREF _Toc8896678 \h 20APPENDIX K: BUSINESS IMPACT ANALYSIS PAGEREF _Toc8896679 \h 21APPENDIX L: DOCUMENT CHANGE PAGE PAGEREF _Toc8896680 \h 22Plan ApprovalIn accordance with National Archives Records Administration’s (NARA) contingency planning policy, I hereby affirm that the contingency plan is complete and has been tested sufficiently. The designated authority is responsible for continued maintenance and testing of the ISCP. As the designated authority for the Description and Authority Services (DAS) system, I hereby certify that the information system contingency plan (ISCP) is complete, and that the information contained in this ISCP provides an accurate representation of the application, its hardware, software, and telecommunication components. I further certify that this document identifies the criticality of the system as it relates to the mission of NARA, and that the recovery strategies identified will provide the ability to recover the system functionality in the most expedient and cost-beneficial method in keeping with its level of criticality.I further attest that this ISCP for DAS will be tested at least annually. This plan was last tested on March 25, 2020; the test, training, and exercise (TT&E) material associated with this test can be found in Xacta. This document will be modified as changes occur and will remain under version control, in accordance with NARA’s contingency planning policy._______________________________________________Jason ClingermanDateSystem Owner 1.0IntroductionInformation systems are vital to NARA mission/business processes; therefore, it is critical that services provided by the DAS system are able to operate effectively without excessive interruption. This Information System Contingency Plan (ISCP) establishes comprehensive procedures to recover DAS quickly and effectively following a service disruption.1.1BackgroundThis DAS ISCP establishes procedures to recover DAS following a disruption. The following recovery plan objectives have been established:Maximize the effectiveness of contingency operations through an established plan that consists of the following phases:Activation and Notification phase to activate the plan and determine the extent of damage;Recovery phase to restore DAS operations; andReconstitution phase to ensure that DAS is validated through testing and that normal operations are resumed.Identify the activities, resources, and procedures to carry out DAS processing requirements during prolonged interruptions to normal operations.Assign responsibilities to designated NARA personnel and provide guidance for recovering DAS during prolonged periods of interruption to normal operations.Ensure coordination with other personnel responsible for NARA contingency planning strategies. Ensure coordination with external points of contact and vendors associated with DAS and execution of this plan.1.2ScopeThis ISCP has been developed for DAS, which is classified as a low impact system, in accordance with Federal Information Processing Standards (FIPS) 199 – Standards for Security Categorization of Federal Information and Information Systems. Procedures in this ISCP are for low impact systems and designed to recover DAS within 48 hours (2 business days). This plan does not address replacement or purchase of new equipment, short-term disruptions lasting less than 48 hours, or loss of data at the onsite facility or at the user-desktop levels. As DAS is a low-impact system, alternate data storage and alternate site processing are not required.1.3AssumptionsThe following assumptions were used when developing this ISCP:DAS has been established as a low-impact system, in accordance with FIPS 199.DAS is partially provided as a service by the Amazon Web Services (AWS) cloud service provider.Alternate processing sites and offsite storage are not required for this system.The DAS system is inoperable and cannot be recovered within 48 hours (2 business days).Key DAS personnel have been identified and trained in their emergency response and recovery roles; they are available to activate the DAS Contingency Plan.Additional assumptions as appropriate.The DAS ISCP does not apply to the following situations:Overall recovery and continuity of mission/business operations. The Business Continuity Plan (BCP) and Continuity of Operations Plan (COOP) address continuity of mission/business operations.Emergency evacuation of personnel. The Occupant Emergency Plan (OEP) addresses employee evacuation.Any additional constraints and associated plans should be added to this list.2.0Concept of OperationsThe Concept of Operations section provides details about DAS, an overview of the three phases of the ISCP (Activation and Notification, Recovery, and Reconstitution), and a description of roles and responsibilities of NARA personnel during a contingency activation.2.1System DescriptionThe DAS system provides archival descriptions associated with digitized archived materials, conversion of legacy finding aids, and the day-to-day description of work performed by NARA’s description archivists. The DAS system employs a three-tier architecture consisting of Presentation, Service, and Data tiers. The Presentation Tier represents the desktops or laptops NARA staff use to access the DAS system. The Service tier hosts the set of services that implement the DAS system methods and expose data. The Data tier contains all data held and controlled by the DAS system.Users’ Windows machines in the NARA environment contain the Presentation tier. Service and Data tiers are located in the public cloud provided by Amazon Web Services (AWS), and consist of Windows and Linux-based virtual machines. As such, interoperability and service orientation (a design paradigm for computer software in the form of services) are key requirements. The principle of service orientation provides the overall conceptual framework and serves as a basis for enabling technologies.DAS is used for Archival description, the process of capturing, analyzing, controlling, exchanging, and providing access to information about the origin, content, and provenance of the records; their filing structure; their form and content; their relationship with other records; and, the ways in which they can be found and used so that the records may be served to the public.Specific efforts and initiatives include:Archival description work;Authority work;Digital Public Library of America;Importing NARA partner descriptions and digitized records, and legacy NARA finding aids; andCreation of archival description sitemaps for Web search engines.DAS manages new and updated descriptions and authorities to NARA’s National Archives Catalog system and provides prompt, easy, and secure access to NARA holdings anywhere, anytime. DAS includes standardized descriptions of both non-electronic and born-digital holdings, as well as links to other descriptive products.Further detail is provided in the following appendices: Appendix F, Diagrams (System and Input/Output); Appendix G, Hardware & Software Inventory; Appendix H, Interconnections Table, Appendix J, Associated Plans and Procedures. The DAS BIA is stored within Xacta (see Appendix K, Business Impact Analysis).2.2Overview of Three PhasesThis ISCP has been developed to recover and reconstitute the DAS using a three-phased approach. This approach ensures that system recovery and reconstitution efforts are performed in a methodical sequence to maximize the effectiveness of the recovery and reconstitution efforts and minimize system outage time due to errors and omissions.The three system recovery phases are:Activation and Notification Phase – Activation of the ISCP occurs after a disruption or outage that may reasonably extend beyond the RTO established for a system. The outage event may result in severe damage to the facility that houses the system, severe damage or loss of equipment, or other damage that typically results in long-term loss.Once the ISCP is activated, system owners and users are notified of a possible long-term outage, and a thorough outage assessment is performed for the system. Information from the outage assessment is presented to system owners and may be used to modify recovery procedures specific to the cause of the outage.Recovery Phase – The Recovery phase details the activities and procedures for recovery of the affected system. Activities and procedures are written at a level that an appropriately skilled technician can recover the system without intimate system knowledge. This phase includes notification and awareness escalation procedures for communication of recovery status to system owners and users.Reconstitution –The Reconstitution phase defines the actions taken to test and validate system capability and functionality at the original or new permanent location. This phase consists of two major activities: validating successful reconstitution and deactivation of the plan.During validation, the system is tested and validated as operational prior to returning operation to its normal state. Validation procedures may include functionality or regression testing, concurrent processing, and/or data validation. The system is declared recovered and operational by system owners upon successful completion of validation testing.Deactivation includes activities to notify users of system operational status. This phase also addresses recovery effort documentation, activity log finalization, incorporation of lessons learned into plan updates, and readying resources for any future events.2.3Roles and ResponsibilitiesThe ISCP establishes several roles for DAS recovery and reconstitution support. Persons or teams assigned ISCP roles have been trained to respond to a contingency event affecting DAS.Roles and responsibilities are defined in the table below. Personnel assigned to these roles are identified in Appendix A, Personnel Contact List. Appendix B, Vendor Contact List, provides vendor contact information.Contingency Plan RoleDAS RoleResponsibilitiesISCP Director / ISCP Director (Alternate)DAS System Owner Overall management of the ISCPConfirming severity of a system disruption with the ISCP CoordinatorFormal activation of the ISCPNotifying the ISCP Coordinator to begin formal assessment of the system disruption and develop recovery strategiesNotifying the ISCP Coordinator to assemble the ISCP Recovery Teams and begin system recoveryOverseeing annual testing, maintenance, and distribution of the planContacting vendors, contractors or other external organizations to assist in the system recovery as necessaryMaking initial assessment of system disruption (i.e., is it a minor system failure or a catastrophic event/major system failure)For a minor system failure:Assure that the incident is reported to NARA IT Operations and logged in the trouble ticket system.Assess the system disruptionEstimate system recovery timeContact and instruct all necessary ISCP Recovery Team members to recover the failing system component(s)For a catastrophic event/major system failure:Initiate full activation of the ISCPAssess the system disruption and develop recovery recommendations; providing thorough assessment of catastrophic events/major system failuresDevelop the damage assessment report and determine recovery and resumption strategiesContact all necessary ISCP Recovery Team Members and instruct them to assemble their teams to recover the failing system component(s)Coordinating communications between the ISCP Recovery Teams in recovering the systemComplete an after action report upon resumption of normal operationsEnsure the annual testing, maintenance, and distribution of the planISCP Coordinator / ISCP Team MemberAll necessary technicians, administrators, and programmers from the major divisionsAssisting in all recovery and resumption activities for minor system failures, as necessaryAssisting in all recovery and resumption activities for catastrophic events/major system failures, as necessary3.0Activation and NotificationThe Activation and Notification Phase defines initial actions taken once a DAS disruption has been detected or appears to be imminent. This phase includes activities to notify recovery personnel, conduct an outage assessment, and activate the ISCP. At the completion of the Activation and Notification Phase, DAS ISCP staff will be prepared to perform recovery measures.3.1Activation Criteria and ProcedureThe DAS ISCP may be activated if one or more of the following criteria are met:The cloud service provider indicates an outage that will exceed the RTO of 48 hoursThe type of outage indicates DAS will be down for more than 48 hours (2 business days);The facility housing DAS is damaged and may not be available within 48 hours; andOther criteria, as appropriate.The following persons or roles may activate the ISCP if one or more of these criteria are met:ISCP Director / ISCP Director (Alternate)Details on the responsibilities for the ISCP Director / ISCP Director (Alternate) can be found in Section 2.3.3.2NotificationThe first step upon activation of the DAS ISCP is notification of appropriate mission/business and system support personnel. Contact information for appropriate POCs is included in Appendix A, Personnel Contact List and Appendix B, Vendor Contact List.Notification of outage incidents for DAS that require activation of the ISCP will be performed through phone or email. The following information should be relayed to individuals during the notification phase:Nature of the emergency that has occurred or is impending;Loss of life or injuries;Any known damage estimates;Response and recovery details;Where and when to convene for briefing or further response instructions;Instructions to prepare for relocation for estimated time period (if applicable);Instructions to complete notifications (if applicable).The notification sequences provided below are divided into two categories, minor system failures and major system failures. The ISCP Director will classify the severity of the system failure once it has been reported to the DAS Support Contractor (DSA Inc.) and the NARA/DSA Help Desk and will determine whether to activate the contingency plan assessment procedures. It is important to note that the ISCP Director may be contacted directly in the event of a system failure, especially if the person reporting the incident is external to the department (AWS, facilities management personnel, building security, etc.). Depending on the severity of the event, one of the following notification sequences will be used. It is important to note that the ISCP will not be activated in the event of a minor system failure. Nevertheless, notification procedures for minor system failures have been provided to standardize recovery operations.Minor System Failure Notification ProceduresIn the event of a Minor System Failure, the following notification procedures will be followed:The first person to detect a system disruption notifies the ISCP Director.The ISCP Director determines that a minor system failure has occurred and ISCP activation is not necessary.The ISCP Director will notify system stakeholders of the minor system failure.The ISCP Director notifies all necessary ISCP Recovery Team Leaders and directs them to follow Standard Operating Procedures (SOPs) in the recovery of all failing DAS components.The ISCP Director will notify system stakeholders when the issue is resolved.Major System Failure Notification ProceduresIn the event of a Major System Failure, the following notification procedures will be followed:The first person to detect a system disruption notifies the ISCP Director.The ISCP Director evaluates the situation and activates the plan if it is anticipated that the system will not be recovered within 72 hours (3 business days).The ISCP Director will notify all system stakeholders of the major system failure.Upon activation of the CP, the ISCP Director develops a damage assessment report.Upon activation of the CP, the ISCP Director will also contact the NARA Helpdesk to aid in the development of the damage assessment report.The ISCP Director contacts the appropriate team members to assist in the damage assessment procedures.The ISCP Director determines the extent of the system damage and the estimated recovery time and confirms recovery strategies.The ISCP Director notifies vendor or contractor POC(s) if additional external assistance is necessary.The ISCP Director briefs the appropriate individuals/managers to assemble their team members for recovery activities.The ISCP Director will notify all system stakeholders when the issue is resolved.3.3Outage AssessmentThe cloud service provider is responsible for the outage assessment if it is within the scope of their services. That assessment will include the extent of the disruption and expected recovery time.If the outage is outside the scope of the cloud service provider, a thorough outage assessment is necessary to determine the extent of the disruption, any damage, and expected recovery time. This outage assessment is conducted by the technical team. Assessment results are provided to the ISCP Coordinator to assist in the coordination of the recovery of DAS.Once personnel safety has been assured, the ISCP Director and appropriate team members should seek to determine the following information: Cause of the emergency or disruption;Potential for additional disruptions or damage;Areas affected by the emergency;Status of the physical infrastructure (e.g., structural integrity of the processing rooms, condition of electric power, telecommunications, and heating, ventilation, and air conditioning [HVAC]);Inventory and functional status of the DAS components (e.g., fully functional, partially functional, or nonfunctional);Type of damage to the DAS components (e.g., water damage, fire and heat, physical impact, and electrical surge);DAS components to be replaced;Estimated time to restore normal services.Assessment results will be provided to the ISCP Director.4.0RecoveryThe Recovery Phase provides formal recovery operations that begin after the ISCP has been activated, outage assessments have been completed (if possible), personnel have been notified, and appropriate teams have been mobilized. Recovery Phase activities focus on implementing recovery strategies to restore system capabilities, repair damage, and resume operational capabilities at the original or an alternate location. At the completion of the Recovery Phase, DAS will be functional and capable of performing the functions identified in Section 2.1 of this plan.4.1Sequence of Recovery ActivitiesThe following activities occur during recovery of DAS:Identify recovery location (if not at original location);Identify required resources to perform recovery procedures;Retrieve backup and system installation media;Recover hardware and operating system (if required); andRecover system from backup and system installation media.4.2Recovery ProceduresThe following procedures are provided for recovery of DAS at the original location. Recovery procedures should be executed in the sequence presented to maintain an efficient recovery effort.DAS is an n-tier application wherein the UI is a Windows desktop app, the application tiers (messaging and Service Oriented Architecture (SOA)) and the database tiers are in AWS. Regular snapshots of the application servers are maintained. Hence, if one of the application servers were to fail, a new server can be provisioned in minutes using such a snapshot. Additionally, most of the application servers are behind a load balancer in an auto scaling group so as to not only provide load sharing, but also continuity of operation while the failed server is automatically replaced using a pre-defined snapshot. In the database tier, a hot standby is maintained such that in case of a database crash, it is easy to promote the standby to primary and switch the data sources in the application tier to minimize impact on DAS users. Once DAS is operational again, the latest nightly full backup of the Oracle database is used to restore the failed primary database and convert it into the new standby database.4.3Recovery Escalation Notices/AwarenessWhile the recovery effort is underway, hourly status notification will be made to the ISCP Director/ISCP Coordinator by the appropriate support vendor (application and/or infrastructure).5.0ReconstitutionReconstitution is the process by which recovery activities are completed and normal system operations are resumed. If the original facility is unrecoverable, the activities in this phase can also be applied to preparing a new permanent location to support system processing requirements. A determination must be made on whether the system has undergone significant change and will require reassessment and reauthorization. Reconstitution consists of two major activities: validating successful reconstitution and deactivation of the plan.5.1Validation Data TestingValidation data testing is the process of testing and validating data to ensure that data files or databases have been recovered completely at the permanent location. Detailed validation test procedures are provided in Appendix E, System Validation Test Plan. 5.2Validation Functionality TestingValidation functionality testing is the process of verifying that DAS functionality has been tested, and the system is ready to return to normal operations. Detailed functionality test procedures are provided in Appendix E, System Validation Test Plan. 5.3Recovery DeclarationUpon successfully completing testing and validation, the ISCP Director/ISCP Coordinator will formally declare recovery efforts complete, and that DAS is in normal operations. DAS business and technical POCs will be notified of the declaration by the ISCP Coordinator.5.4Notifications (users)Upon return to normal system operations, DAS users will be notified by the ISCP Director/ISCP Coordinator using the most applicable media (e-mail, broadcast message, phone calls, etc.). 5.5CleanupCleanup is the process of cleaning up or dismantling any temporary recovery locations, restocking supplies used, returning manuals or other documentation to their original locations, and readying the system for a possible future contingency event.Materials, plans, and equipment used during the recovery and testing must be returned to storage or their proper location. All sensitive materials must be destroyed or properly returned to safe storage, as appropriate. Any personnel temporarily assisting other office locations during the disruption should be instructed by their respective team leaders to conclude their assistance and report to their primary sites and duties.5.6Data BackupAs soon as reasonable following recovery, the system should be fully backed up and a new copy of the current operational system stored for future recovery efforts. This full backup is then kept with other system backups. The DAS Server Backup Schedule is provided below:DAS Server Backup ScheduleServer NameServer TypeBackup SchedulePrimary Database ServerDatabaseIncremental Backups; Every Weekday Primary Database ServerDatabaseFull Backups: Every WeekSnapshots of the server whenever there is a new deployment or every two weeksSystem SnapshotsWhenever there is a new system deployment.5.7Event DocumentationIt is important that all recovery events be well-documented, including actions taken and problems encountered during the recovery and reconstitution effort, and lessons learned for inclusion and update to this ISCP. It is the responsibility of each ISCP team or person to document their actions during the recovery and reconstitution effort, and to provide that documentation to the ISCP Coordinator.Types of documentation that should be generated and collected after a contingency plan activation include:Activity logs (including recovery steps performed and by whom, the time the steps were initiated and completed, and any problems or concerns encountered while executing activities);Functionality and data testing results;Lessons learned documentation; and,After Action Report (including identification of any new components including all information applicable to the Configuration Management (CM) documentation.5.8DeactivationOnce all activities have been completed and documentation has been updated, the ISCP Director/ISCP Coordinator will formally deactivate the ISCP recovery and reconstitution effort. Notification of this declaration will be provided to NARA Helpdesk, all businesses and technical POCs.The following procedures will be followed to deactivate the ISCP for DAS:Verify that the application is functioning rm vested parties that the application has been restored and is functioning properly.Log details of the event and problems encountered with the ISCP.Incorporate problem solutions into later versions of the ISCP.APPENDIX A: PERSONNEL CONTACT LISTDAS ISCP Key PersonnelKey PersonnelContact InformationKey ersonnelContact InformationISCP DirectorWork301-837-3022Jason Clingerman System OwnerHome8601 Adelphi Rd. CellularCollege Park, MD 20740Emailjason.clingerman@ISCP Director – AlternateWork301-837-3024Richard SteinbacherHomeCellularEmailrichard.steinbacher@ISCP CoordinatorWork301-837-3022Jason Clingerman System OwnerHomeCellularEmailjason.clingerman@ISCP Coordinator – AlternateWork301-837-3024Richard SteinbacherHomeCellularEmailrichard.steinbacher@ICSP Team – Team MembersWork301-837-3161Adil Latiwala – Technical Point of ContactHomeCellular240-593-5831Emailadil.latiwala@Anton Davis - ISSOWork301-837-0430HomeCellular301-755-7026Emailwilliam.davis@Urmi Majumder – System AdministratorWorkHomeCellularEmailurmi.majumder@NARA HelpdeskWork703-872-7755EmailITsupport@APPENDIX B: VENDOR CONTACT LISTVendor Contact ListKey PersonnelVendorComponent/ServiceContact InformationOracleDatabasePhone: 1-800-223-1711Red HatWeb ServersPhone: 1-800-872-4786ApacheWeb ServersPhone: 1-800-872-4786MicrosoftReporting ServerPhone: 1-800-642-7676DSAServicePhone: 1-703-748-7001Amazon Web Services (AWS)Cloud Service ProviderPhone: 1-866-216-1072InfoRelianceCloud Service ProviderPhone: 1-844-458-5433APPENDIX C: DETAILED RECOVERY PROCEDURESDAS is an n-tier application wherein the UI is a Windows desktop app, the application tiers (messaging and SOA) and the database tiers are in AWS. Regular snapshots of the application servers are maintained. Hence, if one of the application servers were to fail, a new server can be provisioned in minutes using such a snapshot. Additionally, most of the application servers are behind a load balancer in an auto scaling group so as to not only provide load sharing but also continuity of operation while the failed server is automatically replaced using a pre-defined snapshot. In the database tier, a hot standby is maintained such that in case of a database crash, it is easy to promote the standby to primary and switch the data sources in the application tier and minimize impact on DAS users. Once DAS is operational again, the latest nightly full backup of the Oracle database is used to restore the failed primary database and convert it into the new standby database.APPENDIX D: ALTERNATE PROCESSING PROCEDURESIf the DAS Data Entry system is unavailable, the ISCP Director/DAS Technical Liaison shall inform staff via:EmailICNDAS Points of Contact (POCs)The email messages shall inform staff members that they may use the following methods to capture information to be entered later into the DAS Data Entry system when it is again available.To determine what fields are mandatory, access the Lifecycle Data Requirements Guide (LCDRG) online at determine what other fields are mandatory for a particular office, access all other fields, refer to the full LCDRG at To ensure the data they are capturing is correctly formatted according to the standards; refer to each element entry in the LCDRG.For fields that are controlled by authority lists, refer to the list that is available through the LCDRG.For fields that are controlled by authority files, format the name and/or heading as best as possible. For Organization Names and Person Names, search the authority files online via DAS or NAC. For all other headings, enter the term as it is known. After DAS Data Entry is available, it will be necessary to search and select the appropriate name or heading from the authority files.Using the above information, staff may enter the descriptive information in a spreadsheet with field names as the header and data values beneath. Once the DAS Data Entry system is available, they may cut and paste the information into the DAS system, type it directly into the system and/or select the appropriate values from the authority lists or files, or have Digital Public Access Branch staff convert the spreadsheets into XML for bulk import.Alternatively, staff may generate their own XML data (following the DAS XML schema) to be imported by Digital Public Access Branch staff after the system becomes available.If the network is down, DAS users may refer to a printed LCDRG (if available) and handwrite or capture their descriptive information. The printed version, however, does not include any of the authority lists.APPENDIX E: SYSTEM VALIDATION TEST PLANThe following procedures will be used to determine that the data is complete and current to the last available backup:Once database is restored, we will validate if there are any corrupt data blocks?and that all data files have been physically restored to the correct location using RMAN.ProcedureExpected ResultsPerformed byTo use VALIDATE to check database files and backups. This will tell if there is any corrupt block in the RMAN back up set.Start RMAN and connect to a target database.Execute the VALIDATE command with the desired options.For example, to validate all datafiles and control files (and the server parameter file if one is in use), execute the following command at the RMAN prompt:RMAN> VALIDATE DATABASE;Check the # of datafiles , their location and status from database control file and dictionary:select name from v$datafile;select file_name, status, ONLINE_STATUS from dba_data_files;To validate that all datafiles have been physically restored to the correct location:Login to the server as grid userThe list command should return the same number of rows as returned from v$datafiles (specified in database control file)DSAValidation Functionality Test:Functionality TestResponsible PartyCreate/Edit/Modify DataDSAWorkflowDSAAPIDSAExportDSAIngestDSAAuthority and Description SearchesDSAAPPENDIX F: DIAGRAMS (SYSTEM AND INPUT/OUTPUT)Figure 1: DAS System ArchitectureAPPENDIX G: HARDWARE AND SOFTWARE INVENTORYSystem inventory is found in Xacta and attached below:APPENDIX H: INTERCONNECTIONS TABLEThe ERA 2.0 system connects to DAS via an application programming interface (API). The DAS system generates weekly data export for the records created, modified, deleted from previous week in XML format and provides to NAC for ingestions. As required, the DAS system can also provide full data set in XML format. APPENDIX I: TEST AND MAINTENANCE SCHEDULEStepDate Due byResponsible PartyDate ScheduledDate HeldIdentify tabletop facilitator.March 2020ISCP CoordinatorMarch 2020March 2020Develop tabletop test plan.March 2020Tabletop FacilitatorMarch 2020March 2020Invite participants.March 2020Tabletop FacilitatorMarch 2020March 2020Conduct tabletop test.March 2020Facilitator, ISCP Coordinator, POCsMarch 25, 2020March 25, 2020Finalize after action report and lessons learned.April 2020ISCP CoordinatorApril 2020April 2020Update ISCP based on lessons learned.April 2020ISCP CoordinatorApril 2020April 2020Approve and distribute updated version of ISCP.April 2020ISCP Director, ISCP CoordinatorApril 2020April 2020APPENDIX J: ASSOCIATED PLANS AND PROCEDURESArtifacts related to plans and procedures such FIPS 199, BIA, and System Security Plan (SSP) are maintained as separate documents and can be found in Xacta. APPENDIX K: BUSINESS IMPACT ANALYSISBIA is found in Xacta and attached below:APPENDIX L: DOCUMENT CHANGE PAGEModifications made to this plan are as follows:Document VersionDescription of contents / revisionEditorChange Date1.0ISCP developed based on new templateNARA05/10/20172.0Review and update of ISCP ISSO – John Nelson05/14/20193.0FY20 Annual update. RTO in sections 1.2, 1.3, and 3.1 updated to match the FY20 BIA. Notifications updated to include NARA Helpdesk. Appendix A Contact List updated. Inventory and BIA updated with FY20 information. Test and maintenance dates updated to reflect the FY20 tabletop exercise.ISSO – Anton Davis04/15/2020 ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download