Backup Recovery Points Should Not Expire Before Retention Period Rule
This rule ensures backup recovery points are retained for a specified duration to meet retention requirements.
| Rule | Backup recovery points should not expire before retention period |
| Framework | GxP EU Annex 11 |
| Severity | ✔ Low |
Rule Description:
The rule "Backup recovery points should not expire before retention period for GxP EU Annex 11" ensures that the expiration or deletion of backup recovery points is aligned with the defined retention period specified in the GxP EU Annex 11 regulations. This rule aims to maintain data integrity, availability, and compliance with the GxP (Good Practice) guidelines.
Troubleshooting Steps:
If there are any issues or violations related to this rule, the following troubleshooting steps can be performed:
- 1.Identify the backup recovery points that have expired before the retention period.
- 2.Determine the reason behind the expiration to identify any misconfigurations or errors.
- 3.Review the backup settings and retention policies to ensure they adhere to the GxP EU Annex 11 requirements.
- 4.Check if any specific backup software or tools are being used and ensure they are configured correctly.
- 5.Validate the integrity of the expired backup recovery points and evaluate the potential impact on compliance.
Necessary Codes:
There are no specific codes associated with this rule. However, if backup software or tools are being utilized, you might need to review and modify the related configuration settings appropriately.
Remediation Steps:
To remediate the violation of this rule, follow these steps:
- 1.Review the GxP EU Annex 11 regulations and identify the specified retention period for backup recovery points.
- 2.Verify the current backup retention policies and compare them with the required retention period.
- 3.If the retention period is shorter than required, modify the backup retention policies accordingly.
- 4.Make sure the modification aligns with the regulatory requirements without compromising data availability or compliance.
- 5.Document the changes made and ensure they are communicated to the relevant stakeholders.
- 6.Periodically monitor and re-evaluate the backup retention policies to ensure ongoing compliance with GxP EU Annex 11.
Note: The specific command-line interface (CLI) commands for remediation may vary depending on the backup software or tools used. Please refer to the respective software documentation or vendor support for detailed CLI commands if necessary.
Remember to thoroughly test and verify the backup recovery process after implementing any changes to ensure data availability and compliance.