DR Phases and Implementation
This topic provides a high-level overview of the DR operational phases that support the DR strategy for CMS. Its scope is limited to the IT systems and related DR components that should be part of the overall COOP strategy. Refer to the CMS Continuity of Operations Plan for more details.
The DR process includes the following four phases:
- Phase I - DR Readiness and Preparedness
- Phase II - Activation
- Phase III - Continuity Operations
- Phase IV - Reconstitution
DR Readiness and Preparedness
Phase I includes preparatory activities that are performed in advance of a disruptive event to ensure CMS is ready to respond effectively and recover quickly in the event of a disaster.
DR Readiness is the ability of an organization to respond to a continuity activation. Readiness is an aspect of the planning and training activities, but ultimately CMS leadership is responsible for the overall determination of readiness. Leadership must know that systems can perform disaster recovery operations, including essential functions, before, during, and after emergencies.
CMS readiness activities are divided into two key areas:
- Organization readiness and preparedness
- Staff readiness and preparedness
The topics below provide an overview of the activities that are part of the Readiness and Preparedness phase.
DR Plan
The DR plan defines the hosting facilities' processes for reestablishing systems. It comprises a set of policies, tools, and procedures that enable the recovery or continuation of vital technology infrastructure and systems following a disruption. The DR plan may sit at a data center or with the owner of a cloud virtual data center, where applicable.
The DR plan:
- Defines recovery from various emergencies, usually physical events, that disrupt service and inhibit access to primary facility infrastructure for an extended period of time.
- Focuses on restoring operations of an information system, application, or computer facility at an alternate location after an emergency.
- May support a Component Business Continuity Plan (BCP) to recover supporting systems for ESAs at an alternate facility once it has been established.
- May support one or more Information System Contingency Plans (ISCP) to recover individual systems.
- Only addresses emergencies or information system disruptions that require relocation.
Test, Training and Exercises
- Participate in CMS Test, Training Exercise (TTE&E) Program activities including corrective actions for incorporation into the following year’s continuity tests and exercises.
- Conduct quarterly communication and IT testing of the CMS Continuity Facility at the Maryland Mission Support Center (MMSC).
- Participate in annual Eagle Horizon (EH) exercise in accordance with the CMS TTE&E plan.
Communications
- Conduct periodic testing of information technology (IT) and communication systems supporting continuity readiness.
Emergency Relocation and Teleworking
- Ensure ERG members have logistical information to relocate to alternate facilities.
- Monitor and maintain awareness of potential threats and developing situations through liaison with the HHS.
- Ensure accounting for personnel and reporting procedures are in place.
Activation
DR Plan activation is a scenario-driven process that facilitates flexible and scalable responses to a full spectrum of emergencies and other events that could disrupt CMS operations. Activation is not required for emergencies and disruptive situations that do not require relocation to an alternate site, since other actions may be deemed appropriate to maintain normal operations. A senior management official, such as the CIO, has the ultimate authority to activate the plan and to make decisions regarding spending levels, acceptable risk, and interagency coordination.
Reconstitution
Reconstitution Objectives
The overall objectives of the CMS Reconstitution Plan are to identify and outline the processes and procedures to return to normal operations once the Administrator or successor determines that reconstitution operations for resuming normal business operations can be initiated. Specific plan objectives are:
- Provide an executable plan for transitioning back to efficient normal operational status from continuity operations or devolution status once a threat or disruption has passed.
- Coordinate and pre-plan options for organization reconstitution regardless of the level of disruption that originally prompted the organization to implement its continuity plans. These options must include moving operations from the continuity facility or devolution site to the primary operating facility, a temporary operating facility, or a new or rebuilt operating facility.
- Outline and execute the necessary procedures, whether under a standard continuity of operations event or under a devolution event, for conducting a smooth transition from the continuity facility to the primary operating facility, a temporary operating facility, or a new/rebuilt operating facility.
- Ensure a safe location for organization staff to resume normal organization operations.
- Reduce or mitigate disruptions to organization operations.
- Ensure and validate reconstitution operations readiness through an integrated continuity TT&E program and operational capability.
Facilities and Information Technology
Following an emergency event, organizational facilities and infrastructure may be partially damaged or destroyed. Physical damage to facilities and IT requires damage assessments and facility procurement procedures to address facility issues.
Reconstitution Processes for Facilities and Information Technology include the following:
- Damage Assessment
- Facility Recovery Plan
- Information Technology Recovery Plan
- Consolidated Facility and Information Technology Recovery Implementation Plan
Transition to Normal Operations
When reconstitution is nearly completed and the rebuilt or new CMS facility is ready to be occupied, reconstitution personnel must verify that:
- All IT systems, communications, essential records, and other required capabilities are tested, available, and fully operational.