147-33.89.  Business continuity planning.

(a)        Each State agency shall develop and continually review and update as necessary a business and disaster recovery plan with respect to information technology. Each agency shall establish a disaster recovery planning team to develop the disaster recovery plan and to administer implementation of the plan. In developing the plan, the disaster recovery planning team shall do all of the following:

(1)        Consider the organizational, managerial, and technical environments in which the disaster recovery plan must be implemented.

(2)        Assess the types and likely parameters of disasters most likely to occur and the resultant impacts on the agency's ability to perform its mission.

(3)        List protective measures to be implemented in anticipation of a natural or man-made disaster.

(b)        Each State agency shall submit its disaster recovery plan on an annual basis to the State Chief Information Officer. (2003-153, s. 2; 2004-129, s. 21.)