Demonstrating Legal & Regulatory Compliance With Disaster Recovery And High Availability Frameworks

Wednesday 28th June, 2017

Client Challenge

The client, a global pharmaceuticals company, needed to ensure that Disaster Recovery (DR) requirements and High Availability (HA) classification for applications and systems were aligned to practical, executable processes.  

For compliance reasons, they required a business-aligned model and set of processes that could be used by the Security, Compliance and Audit teams to ensure consistency and quality in the end-to-end design, delivery and execution of DR and HA solutions. 

They also needed to align the underlying infrastructure design patterns with the business applications to ensure that levels of resilience and recovery were achievable.

Approach

Coeus worked with the business, technology and compliance teams to achieve the following goals: 

  • Joint development of Operationally Critical Applications (OCA) list (application definitions and classification) 
  • Agreement of a high-level workflow & decision matrix to determine the hosting platform & recovery options for applications and services 

We gained agreement with Architecture and Infrastructure services to standardize the underlying technology patterns & standards, and gained alignment with the security, compliance and audit teams to create a repeatable, transparent DR & HA approach. 

Additionally, we had to create a simplistic process flow to help drive standardized DR processes that were easily adopted and auditable and demonstrate an end-to-end application of recovery that met the needs of compliance (e.g. GxP, SOX, etc.) coupled with internal audit requirements. 

Results

The client received a clearly documented framework and set of HA and DR procedures that would demonstrate compliance to the regulatory and legal departments - and authorities - for the design delivery and testing of existing and future applications and systems.  

This also provided a cost reduction by streamlining the design patterns by being reusable frameworks and provided Quality assurance for the HA and DR procedures.