Security Policies Incident Response Plans

Natural Disaster: Fire, Floods and Tornadoes.

Risk Description

Loss of data, Loss of Internet and Power off.  E-services will be down and the devices malfunction. 

Existing Controls

Outdated and dilapidated fire alarm system 

Risk Mitigation Policy

  1. Develop an emergency plan for disaster response and flood prevention. 
  2. Develop Disaster Recovery and Business Continuity Plans. 
  3. Change the current location of Data Center in UTAS-Sur because it is now in the ground floor means that equipment will be flooded, services will be disrupted, and devices will be damaged if the water level rises due to rain or floods. 
  4. Make a daily full backup and place it in a safe place outside the university and the region according to international technical specifications. 
  5. Fire and water-resistant cabinets and doors are available to protect the data center, devices and servers. 
  6. Upgrade and maintain the fire alarm system 
  7. Prepare Disaster Recovery Data Denter contains all the data and services as a standby. All users will failover to the Disaster Recovery Data Denter data if the main site is down.  

Location/Contact Person details

The chairman of risk management sub-committee in UTAS-SUR
Dr.Sami Al-Batashi, Phone: +968 9293 9604
Email: sami.albattashi@utas.edu.om

Risk Management Authority

Risk Management Committee in UTAS-SUR

Risk Likelihood

Medium 

Risk Impact

High

Risk Level

Medium

Risk Incident Response Procedures

  1. Coordinate with the maintenance and security departments to ensure there is no electrical hazard at the disaster site and to allow entry. 
  2. Identify and prepare a technical, network and security teams to inspect sites, determine the extent of damage, and determine what the team needs to restore service. 
  3. Run the services from the Disaster Recovery Data Denter and make sure all users can reach it. 
  4. After the crisis is resolved in a timely manner, the maintenance department ensures that the necessary equipment, including air conditioning and power, network equipment, and backups are ready. 
  5. Enable the main site (main data center) again. 
  6. Submit a report detailing the mission to inform executive management and mission specialists. 

Risk Termination

By sending final report explained the problem causes and how we can mitigate next times. 

© 2025 Security Policies & Incident Response Plans