Information Technology (IT) at Mississippi State University is mission critical. Every facet of the institution's mission, from learning, to service, to research, is dependent on its IT systems, resources, and services. The consequences of a failure within the university's IT infrastructure could vary from insignificant to catastrophic depending on a number of factors including the scope of the failure, the time at which it occurs, and the length of time it takes to restore normal operation.
Because of this dependence on information technology, MSU's Information Security Policy requires comprehensive IT disaster recovery planning (DRP) and business continuity planning (BCP) to mitigate the effects that a major IT failure might have on the university's ability to conduct business and provide services to its students and employees. Key elements of the plan include:
- Risk assessment to determine the potential threats and consequences
- Provision for business continuity should a major IT failure occur
- Restoration of IT systems and services to normal operational status in a timely manner
Departments with significant IT operations or particularly heavy reliance upon information technology for business operations are required to have a DRP/BCP plan. Equally important is the requirement that departments continue to update their plans over time as changing technologies and university requirements dictate.
The Information Technology Council monitor departments for compliance with these requirements. The Department of Internal Audit audits for compliance with these requirements. Departments required to maintain an IT Disaster Recovery/Business Continuity Plan include:
- Information Technology Services
- Payroll Office
- Procurement and Contracts
- Property Control
- Human Resources Management
- Registrar's Office
- Student Health Center
- MSU Extension Service
- Alumni/Development Foundation
- University Libraries
- High Performance Computing Collaboratory
- General Counsel