Navcon Advanced Systems

DISASTER RECOVERY PLAN

Code: ISO-NAV-A.17-Disaster_Recovery_Plan

Version: Ver.1.1

Date of version: 01 March 2020

Created by: Jazin

Approved by: Naif Alsulaim

Confidentiality level: Internal

Organization name Internal

Change history
Date Version Created by Description of change

01 1.0 Jazin Basic document outline

November
2018

05 2.0 IT Supervisor Removed Jazin from the list and Hashim added on the
December list
2019

01 March 2.1 IT Supervisor Company Name and Logo

2020

Table of contents
1. PURPOSE, SCOPE AND USERS................................................................................................................... 3

2. ASSUMPTIONS / LIMITATIONS ................................................................................................................. 3

3. GENERAL INFORMATION ......................................................................................................................... 3

4. ROLES AND CONTACT INFORMATION ...................................................................................................... 4

5. AUTHORIZATIONS IN A CRISIS .................................................................................................................. 5

6. NECESSARY RESOURCES ........................................................................................................................... 6

7. RECOVERY STEPS FOR THE IT INFRASTRUCTURE / IT SERVICES................................................................. 7

8. MANAGING RECORDS KEPT ON THE BASIS OF THIS DOCUMENT .............................................................. 8

9. VALIDITY AND DOCUMENT MANAGEMENT ............................................................................................. 9

10. ADDITIONAL DOCUMENTS ................................................................................................................... 9

Disaster Recovery Plan ver 2.1 from 01 March 2020 Page 2 of 9

Organization name Internal

1. Purpose, scope and users

The purpose of the Disaster Recovery Plan is to define precisely how Navcon Advanced Systems will
recover its IT infrastructure and IT services within set deadlines in the case of a disaster or other
disruptive incident. The objective of this Plan is to complete the recovery of IT infrastructure and IT
services within the set recovery time objective (RTO).

This Plan includes all resources and processes necessary for the recovery, and covers all the
information security aspects of business continuity management.

Users of this document are members of the top management and employee’s necessary for the
recovery of this activity.

2. Assumptions / limitations
In order for this plan to work, the following conditions must be met:

 All the equipment, software and data are available as planned in [document]
 At the moment of an incident, the employees of the IT department have been transferred to
the alternative site – this is the starting point for this Disaster Recovery Plan

This plan does not cover the following types of incidents:

3. General information

Location of the alternative site / recovery strategy

Hotel Name Rental Fee Remarks Contact

Negotiable. Price Varies depending

Can accommodate Required
on the no. of days required
people/ with high speed
Ayla Hotel (availability of the facility is subject 3 74 60 904
internet and sufficient
for approval from Al Ain City
electrical sockets
Tourism Authority)

Disaster Recovery Plan ver 2.1 from 01 March 2020 Page 3 of 9

Organization name Internal

Recovery time objective: 48 Hrs

Person responsible for Managing Director/ oral or written

Disaster Recovery Plan
activation / means of
activation:

People who must be IT Dept / responsible SSD Manager

notified about plan
activation / who is
responsible:

Person responsible for SSD Manager/ [oral or written] / The criteria is that all conditions have
deactivation of Disaster been met to resume the provision of IT services to the business users.
Recovery Plan / means of
deactivation / criteria:

Key tasks / obligations Restoring Servers and connections / Safe work conditions for employees

Minimum capacity that is SSD - 2 employees , SDD-4 employees , CRD-2 employees , QA-1
required immediately employee, MAVRD-2 employees
after the disaster:

Period after which the 48 Hrs

normal operational level
must be resumed:

4. Roles and contact information

For IT department:

No Role in Name Job title / Mobile Landlin E-mail Home No. of

. recover organization phone e addres substitut
y al unit phone s e
1. Recover Naif Al SSD Manager 056629651 [email protected] Alain 2
y sulaim 1 e

Disaster Recovery Plan ver 2.1 from 01 March 2020 Page 4 of 9

Organization name Internal

Manage
r
2. Recover Musab IT Supervisor 055213930 [email protected] Alain 3
y elwad 9 e
Operato
r
3. Recover Hashim Network And 055305114 h.faragabi@navcon. Alain 4
y Faraga Server Admin 5 ae
Operato bi
r
4. Recover Antony IT Assistant 055243290 [email protected] Alain
y Flores 6
Operato
r

Other activities in the company:

No. Name Job title / Mobile Landline E-mail No. of

organizational phone phone substitute
unit
11. Fazil Punnaseryl CRD 0556508464 [email protected] 12
12. Nishad Ali CRD 0564149410 [email protected]
13. Baharuldeen SDD 0566260313 [email protected] 14
14. Beer SDD 0559679957 [email protected]
15. Yousuf Al Sulaim QA,MAVRD 0527720444 [email protected] 15
16 Ashique QA,MAVRD 0567429509 [email protected]

External contacts:

No Name of Name Job title / Mobile Landline E-mail No. of

. organization organizationa phone phone substitut
l unit e
21. HOTEL Refer General ICT
information Infrastructure
22. Net Desire Raghu HW/SW 0553850 raghu@netd 23
supplier 124 esire.ae
23. CAP jaison HW/SW 0551335 jason@capd
supplier 376 ubai.com
24. Aerovative Shahid A Outsource 0091- a.shahid@ae
Technologies Partner 9895073 rovative.co
500 m
25. Police Control Room Govt Agency 999
26 Ambulance Control Room Govt Agency 998
27 Fire Control Room Govt Agency 997
28 Electricity Control Room Govt Agency 991

5. Authorizations in a crisis
Disaster Recovery Plan ver 2.1 from 01 March 2020 Page 5 of 9
Organization name Internal

Role in recovery / job title Authorizations

SSD Manager Authorized to take all steps specified in this Disaster Recovery Plan in order
to recover the IT infrastructure / IT services
SSD Manager Authorized for urgent purchases of equipment/services
CRD Manager Authorized to communicate with clients
SSD Manager Authorized to communicate with state authority
IT Team Authorized to cooperate with supplier/outsourcing partner

Note: only The Managing Director is authorized to communicate with the public through public
media

6. Necessary resources
The following resources will be used for the recovery of this activity:

Name of resource Description Amount When the resource Person

is necessary responsible for
obtaining the
resource
IT and Servers Or High 2 24 Hrs SSD Manager
communications Configure PC's ( HP
equipment: Proliant DL8 or 9,
Dual Xenon
Processor, 64 GB
Ram , Storage 5TB
)
Suppliers
(Netdesire , CAP )
PC's (I7 8GB Ram , 9 24Hrs IT Team
1TB HDD)

Communication Leased Line 1 24hrs IT Team

channels: 10Mbps internet
with Static Ip's,
From Etisalat with
Network Devices
Fortinet Firewall 1 24Hrs IT Supervisor
Switch 52 port 1 24Hrs IT Team

Other equipment:
APC Ups 5000 Kva 1 24Hrs IT Team

Facilities and Refer above

Disaster Recovery Plan ver 2.1 from 01 March 2020 Page 6 of 9
Organization name Internal

infrastructure:

7. Recovery steps for the IT infrastructure / IT services

This activity should be recovered in the following way:

Recovery procedures (main steps / individual Persons Communication Implementation

tasks) responsible for (content, to whom) record (date /
implementation time)
PC Recovery PLan
[task no. 1.1] IT Team must notify SSD IT Supervisor SSD Manager
Manager about the workstations that are
required
[task no. 1.2] IT Team creates a list of all IT Team SSD Manager
the PCs and other equipment together
with the required configuration
[task no. 1.3] IT Supervisor together with IT Team SSD Manager
the SSD Manager defines priorities
[task no. 1.4] IT Supervisor calls the IT Team SSD Manager
hardware supplier and specifies the
amount, configuration, delivery times and
delivery locations
[task no. 1.5] IT Team checks if the IT Team SSD Manager
delivery was made according to the
specification

...
Infrastructure and facility Plan
[task no. 2.1] Recovery Management Team to Recovery Team Managing Director
inspect the new infrastructure and facilities
[task no. 2.2] Finding Work place Recovery Team Managing Director
arrangements with new infrastructure
...

Disaster Recovery Plan ver 2.1 from 01 March 2020 Page 7 of 9

Organization name Internal

Restore Plan
[task no. 3.1] IT Team will work on the IT Team SSD Manager
installations and configuration of the new
work environment
[task no. 3.2] IT Team will check the server IT Team SSD Manager
and network communications and finalize it
[task no. 3.3] IT Team will restore the data IT Team SSD Manager
from the last backup and make ready for
users to work
[task no. 3.4] IT Team will test the backup IT Team SSD Manager
data and the network before handing over .
[task no. 3.5] The Concerned Managers of Recovery Team Managing Director
each dept in the recovery team will verify the
data and work environment .

---
Manpower PLan
[task no. 4.1] The Concerned Managers will Recovery Team Managing Director
assign the minimum man power required for
running the business
[task no. 4.2] The CRD Manager will co- CRD Manager Managing Director
ordinate with the clients as part of business
continuity
[task no. 4.3] The SSD Manager will co- SSD Manager Managing Director
ordinate with the partners as part of business
continuity
----

8. Managing records kept on the basis of this document

Record Storage location Person responsible Contro Reten
name for storage ls for tion
record time
protec
tion
Record of https://vmserver.navcon.ae/svn/ISO27001/ISO27 IT Team Recor 3
recovery 001/08_Annex_A/A.17_Business_Continuity ds are years
step store
implemen d in
tation SVN

Only SSD Manager can grant other employees access to the records.
Disaster Recovery Plan ver 2.1 from 01 March 2020 Page 8 of 9
Organization name Internal

9. Validity and document management

This document is valid as of 01 November 2018.

This document, together with all additional documents, is stored in the following way:

 The paper form of the document is stored at the following locations: [SSD Manager Room &
MD residence & Electronic copy in TACME server].
 The electronic form of the document is stored in the following way:
[https://vmserver.navcon.ae/svn/ISO27001/ISO27001/08_Annex_A/A.17_Business_Continui
ty].

The owner of this document is IT Team , who must check and if necessary update the document at
least once a year.

When evaluating the effectiveness and adequacy of this document, the following criteria need to be
considered:

 number of corrective actions based on conducted exercises

 number of corrective actions based on implementation of the plan in a crisis
 in the case of a crisis, whether the recovery was completed within the recovery time
objective

10. Additional documents

 [technical documentation for ICT systems]
 [working instructions]

Support Services Dept Manager

Naif Alsulaim

_________________________
[signature]

Disaster Recovery Plan ver 2.1 from 01 March 2020 Page 9 of 9