Menu
Get in touch
Toll Employees

IT Disaster Recovery Policy

This policy sets out the Skylink network criteria design for global code of ethics.

Effective: 20 January 2020

Overview

This policy sets out Skylink Network policy for IT disaster recovery to operate, manage, or use IT services or equipment to support critical business functions.

Scope

This policy applies to everyone who works for Skylink Network in any capacity, full-time, part-time or casual, including temporary employees and contractors.

Principles

The purpose of this policy is to ensure that IT resource investments made by Skylink network, are protected against service interruptions, including large scale disasters, in form of application development, software implementation, natural disaster, theft or total loss of infrastructure.

Glossary

  • IT assets: IT assets installed on all facilities of Skylink network to operate, manage, or use IT services or equipment intended to support critical business functions.
  • Document control: An individual’s business data and documents shall be controlled and recorded for 10 years from the issuance date per Pakistan Company Act for legal and knowledge preservation purpose.
  • Records: Records being generated as part of the IT Disaster Recovery Policy shall be retained for a period of 10 years on hardcopy or media. The records shall be owned by the respective System Administrator or user and shall be audited annually (Fiscal Year).
  • Distribution and Maintenance:
    • The IT Disaster Recovery Policy document shall be made available to everyone connected in the scope of services.
    • The maintenance responsibility of the record document shall be supervised by the Record Controller Manager.
    • All changes and revisions of this policy document shall be made available to the concerned personnel.

Contingency Plans

  • The following contingency plans must be created using the following guidelines:

    • Developing the data backup plan:
      • Identify data on desktop computers, laptop computers, and wireless devices that need to be backed up along with other hard copy records and information.
      • Tapes, cartridges and large capacity USB drives with integrated cloud data backup software are effective means for businesses to back up their data. The security and frequency of backups should be checked. Backup must be stored with the same level of security as the original data.
      • The backup plan should include weekly scheduled backups (just as appropriate for Weekend) from desktop computers, laptop computers, and wireless devices to a Network Cloud Server, CD-R Disc and PC Data Storage Drives other than window operating drives.
      • Backing up hard copy vital records can be accomplished by scanning paper records into digital formats and allowing them to be backed up along with other digital data.
    • Network Cloud Server’s employee login should be acquired from Compliance Administrator/Designated Personnel to record all necessary data required to operate, manage, or use IT services or equipment to support critical business functions. (client installed on the user’s computer can also be automatically backed up).
    • Data should be backed up as frequently as necessary to ensure they are not lost as it is not acceptable by the Skylink administration policies and procedures.
    • Record Controller Manager should evaluate any potential gaps for lost data and define the “Recovery Point Objective.”

Privacy

Network Cloud Server, CD-R Disc and PC Data Storage Drives’ login credentials shall be considered as “confidential” and shall be made available to the concerned persons with proper access control. All employees shall be trained and informed for any significant changes to computing or telecommunications environment of Skylink Network.

Responsibility

The IT Disaster Recovery Policy shall be implemented by the Record Controller Manager/Designated Personnel to maintain security measurements set out within the Skylink Network.

Compliance and Review

The Administration is responsible for establishing, overseeing, and assessing achievement against measurable objectives in relation to goals set out in this policy.


The Human Resources and Compliance Department is responsible for all other objectives and initiatives set out in this policy.

Infringement of this Policy

Skylink network has a long-standing commitment to conduct our business in compliance with all applicable local and international laws and regulations and in accordance with the highest ethical business principles and any violations of the policy will lead to disciplinary action up to and including dismissal of personnel/contract cancellation.

Further Information

For further information, contact with the Human Resources Department or Compliance Administrator.


In this section