LOS ANGELES COUNTY
DEPARTMENT OF MENTAL HEALTH
  Policy 550.03 Information Technology Contingency Plan
 
  Procedures - Testing and Revision of Information Technology Contingency Plan
  1. The Information Technology (IT) Contingency Plan must be tested periodically in order to assure the workability of the plan in the event of a disaster and/or emergency. If testing establishes the need for changes in existing IT Contingency Plan procedures, then those procedures must be revised.
     
  2. Create the Test Plan spreadsheet:
     
    1. From the Application and Data Criticality Analysis spreadsheet, copy the Official System Name, System Owner, and Director's Priority Level columns into a new spreadsheet.
       
    2. Add columns for Test Name, Test Location, Plan Cross Reference, and Type of Test to create the Los Angeles County Department of Mental Health Test Plan spreadsheet, shown below:

      TESTING AND REVISION OF IT CONTINGENCY PLAN
      Date:
       
      Official
      System Name      		 System Manager/ Owner Director’s Priority Level Test Name Test Location Plan Cross Reference Type of Test
                   
                   

       
    3. Complete the spreadsheet by filling in all of the data.
       
      1. In the Test Name column, enter a descriptor that identifies a particular test within the test plan.
         
      2. In the Test location column, identify where the test preparation worksheet for the particular test is located.
         
      3. In the Plan Cross Reference column, identify the part or parts of this Contingency Plan that the test is intended to measure.
         
      4. In the Type of Test column, describe the kind of test that is being proposed (e.g., checklist test, simulation test, parallel test).
         
  3. Conduct one or more of the following exercises to test the IT Contingency Plan (including Backup, Disaster Recovery, and Emergency Mode Operation Plans) and to assure the workability of the plans in the event of a disaster and/or emergency.
     
    1. Tabletop exercise of response to specific scenarios,
       
    2. Technical restoration activities,
       
    3. Supplier and/or services tests, and
       
    4. Complete drills of the Data Backup Plan, Disaster Recovery Plan, and Emergency Mode Operation Plan.
       
  4. Revise the IT Contingency Plan to address any deficiencies discovered during the testing activities. Focus on improvements to role and responsibility definitions, processes, practices, and strategies.
     
  5. Revise the IT Contingency Plan and its procedures as needed if there are important changes involving personnel, contact information, suppliers, legislation, or business risks, processes, or strategies.
     
  6. Annually conduct one or more of the exercises to test the IT Contingency Plan as set forth in Section C above or when there are significant changes to the environment.
     
  7. Revise the IT Contingency Plan whenever testing establishes the need for changes in existing plan procedures.