WI-IT-01-002 信息系统灾害恢复工作指引

1 目的 Purpose
确保各部门资讯系统以及相关IT设备不致因病毒、人为或外来不可抗拒之因素影响而损毁或消失；
Ensure information is not likely to be damaged or disappeared because of the storage of the computer software and file suffers from virus or influence from foreign and irresistible factors other than the computer itself.
2 范围 Scope
2.1 IT硬件设备的灾害恢复 IT hardware equipment disaster recovery
2.1.1 服务器及各部门的电脑、打印机设备；
All hardware, software and printers associated with the computer.
2.2 软件、信息系统的灾害恢复 Software, information system disaster recovery
2.2.1 各部门电脑中的文件数据、应用软件、信息和电邮；
File data, application software, information and email.
2.2.2 管理系统软件及管理过程中形成的重要数据；
Management system software and the important data.
3 定义 Definition
无
4 职责 Right & Responsibility
4.1 相关部门 Related department
4.1.1 及时告知IT部门相关的异常情形；
Inform the IT departments related to abnormal situation.
4.1.2 遵守相关IT设备使用规范与保养工作指示；
Comply with the standard of IT equipment and maintenance instructions.
4.2 IT部门 IT department
4.2.1 系统崩溃；System break down.
4.2.2 病毒攻击；Hack Attack.
4.2.3 机密数据泄露； Secret information leakage.
4.2.4 电力供应失效；Electric power supply failure.
5 内容 Contents
5.1 系统崩溃；System break down
5.1.1 相关部门 Related department
5.1.1.1 系统崩溃时，部门负责人员需要立即终止任何操作，及时向IT部门报告情况。

When the system break down, departments in charge of personnel needed
immediately terminates any operation, timely report to the IT department.
5.1.2 IT部门 IT department
5.1.2.1 IT技术人员了解具体情况后，必须立即到现场检查相关情况。

在通过技术手段尝
试系统恢复前，必须先备份相关重要数据。

IT technical staff to understand the specific situation, must immediately to the
scene to check the relevant circumstances. Through technical means try system
restore, need to backup important data.
5.1.2.2 IT技术人员在确认无法通过技术手段修复后，必须尽快联系商家报修，并将维修
情况和设备问题告知设备使用部门的负责人，必要时提供临时设备给部门使用。

IT technical staff in the confirmation cannot pass technical measure after repair,
must as soon as possible to contact suppliers to repair, and will inform the
equipment repair using departments, necessary to provide temporary equipment
to use for the department.
5.2 病毒攻击 Hack Attack
5.2.1 IT技术人员了解具体情况后，首先要及时断开网络连接，防止病毒扩散。

IT technical staff to understand the specific situation, the first time to disconnect from the
network, prevent the spread of the virus.
5.2.2 将受病毒攻击的电脑先保存数据文件，然后使用专业杀毒软件进行全盘病毒扫描，查杀病
毒并修复被损坏的文件。

Will be subject to virus attacks computer to save the data file, and then use the
professional antivirus software overall virus scanning, killing the virus and repair the
damaged file
5.2.3 对此次病毒攻击事件做好记录报告，防止此类情况再次发生。

On the virus attack incident report, prevent this from happening again.
5.3 机密数据泄露 Secret information leakage
5.3.1 将数据泄露情况通知IT部门技术人员和部门负责人，控制事态发展。

Notify IT technician and departments in charge of data leakage, control developments
5.3.2 IT部联合相关负责人对此事故作出调查，找出数据泄露原因，杜绝此类事故的再次发生。

IT Department of the relevant responsible person of the accident to investigate, finding
data leakage, to prevent similar incidents from happening again
5.3.3 对蓄意破坏人员给予处罚措施，并做好记录报告。

On the intentional destruction of personnel to give punishment measures, and make a
record report.
5.4 电力供应失效 Electric power supply failure
5.4.1 电力供应失效时IT机房UPS备用电源自动启动；
If the power supply failure, IT room UPS standby power automatic start.
5.4.2 及时通知IT部门对相关设备做出维护调整；
Inform the IT department to make adjustment of equipment maintenance.
6 相关文件
6.1 KK-OP-009 灾害恢复管理程序
7 记录
无
8 流程图
无。