User login


Business Continuity And Disaster Recovery Policy

Effective Date: October, 2013

Revised:  November 2014, July 2019

I. Introduction

Columbia University requires adequate protections to be established to assure the continuity and recovery of the University’s business following the loss of Systems (as defined in the Columbia University Information Security Charter (the “Charter”) that are critical to the operations of a business unit of the University (a “Key Business System”). This Policy defines acceptable methods for business continuity and disaster recovery planning, leveraging a risk-based analysis in order to prepare for and maintain the continuity of the University’s operations in case of the loss of a Key Business System. 


Capitalized terms used herein without definition are defined in the Charter.


II. Policy History

The effective date of this Policy is November 1, 2013.  This Policy replaces the CUIMC Information Security: Disaster Contingency and Recovery Plan Policy, dated November 15, 2007.


III. Policy Text


 To see the full text of this policy, please use the link on the right.