1. Tell us about the types of disasters that NIRS takes priority to look over.

The types of disasters that NIRS takes priority to look after are about 10 different kinds. Some of the typical ones include 1) fire, 2) earthquake, 3) storm and flood, 4) power supply error, 5) terrors, and more. NIRS equips a systematic Business Continuity Plan (BCP)s per each disaster and in time of emergency, the organization carries out each duty in charge for the circumstances according to specific manuals and protocols.


2. How are levels of recovery of tasks assessed?

NIRS has classified all tasks to be managed into 4 grades which are essential 1st, core 2nd, and general 3rd and 4th. They are categorized according to the 1) degree of impact to businesses, 2) The number of users, and 3) level of influence to services. Essential and core responsibilities are to be resumed with the highest priority when any interruption in service provision occurs.

Maximum tolerance time over a disaster recovery counts the duration between the officially registered time at nTOPS or service desk right after initially being aware of disaster occurrence either by NIRS or corresponding institution and the time of final resolution of the problem. Exclusive guidelines and protocols are required to be complied with per each level of tasks.


3. Could you let us know about the kinds of regular backup or dispersion activities that NIRS practices to secure service continuity?

Regular backup exercises include daily increment and weekend whole. Irregular temporary back-ups are conducted on required occasions after being discussed among people in charge. Talking about dispersion, both online and off-line (physical) forms are also taken into consideration. Schedule, method, frequency, and saving period of backing up data are also operated with classes based on associated rules and regulations.


4. How is the brand new NIRS Disaster Recovery Center like?

NIRS Disaster Recovery Center, currently under construction since 2019, to be completed by 2022 is designed as earthquake-proof, base-isolated, and EMP-proof to secure continuity of government businesses and data security over unexpected disasters and accidents. Currently, in 2021, NIRS is working on investigating ways to transfer existing disaster recovery systems in Daejeon and Gwangju and implement new disaster recovery schemes. Compared to the legacy buildings, this brand new one would be underground-bunker shaped.


5. What other protection facilities would be available in new construction except EMP to protect internal systems?

There would be CBR facilities first for hundreds of people to be able to survive for a certain time-based on the to-be-protected classes, gas interception competency to divide contaminated areas and clean zones, and explosion-proof valve to block the inflow of any harmful air in the new structure. Besides, the base-isolated design of the whole building to prevent the construction from earthquake waves would be one of the significant protection schemes of a new edifice.


6. Share with us about green practices that NIRS conducts.

To save more isothermal-isohumidity controlling energies, NIRS introduced precooling systems through the ESCO project as it spends quite some money on that sector. Through the efforts, it could save over USD600,000 for the past 5 years. PUE index also indicates its highest level of 1.592 in 2020. At the same time, NIRS does not save its efforts to replace outdated devices with highly efficient ones, manage hot and cold isles of computer rooms to economize more power energy. It has completed supplying LED lights in offices to keep up the energy efficiency of office space as well. NIRS does not install or operate a solar light facility as it is a leased property currently.


7. Are there duties that could be executed remotely from outside?

Some institutions run information systems and data status check via far-off environments by accessing disaster recovery systems. They technically can also start and stop services. The systems could be employed from a distance when conduct drills in particular which requires promptness.


8. How is business continuity secured in the annually renewed contracting environment over open bidding?

NIRS enters into both a general contract and a service level agreement with each client agency to secure quality system operation and thorough service management over business grades, service levels, and operation scope.

As mentioned earlier, grades of tasks are designated after considering several factors such as degree of impact to businesses, number of users, and level of influence to services.

Distinctive requirements and demands per each client could be accommodated through discussion not only along with service levels and scopes but also assignment and penalties.


9. Briefly tell us about the disaster recovery drills of NIRS.

NIRS conducts disaster recovery drills over essential different sectors annually. The exercises include assorted areas such as information system incidents, fire, earthquake, power supply error (emergency power generators, UPS, etc.), backup recovery and cybersecurity incidents, and more which are obligated to carry out more than once a year. The drills are to secure business continuity in contingencies, which require getting the places where disaster recovery systems are in place, drive the systems, and need to retrieve emergency services.


10. Is DR of NIRS run Active-Active?

No, currently it is operated as an Active-Standby arrangement. However, once 4 centers would successfully be started to talk to each other in one language when stable migration of new clients’ systems is completed, the Active-Active pattern is expected to be feasible among all centers in real-time. We anticipate the effect would be maximized as integrating the National Network project is productively wrapped up which is actively ongoing currently.