On Jan 12, 2023, the EDSC team walked through our contingency plan, discussing scenarios and how to recover from them.  We also went to various websites,

such as Bamboo (CI/CD) and Snyk, and showed how to respond in the event the contingency plan is activated.

Topic

Notes

Date of training

10:00 - 11:00

Who all attended the training?

Daniel Dufour, Matthew Crouch, Trevor Lang, Bryant Ademiluyi, Alicia Aleman, Heather Grams, Rajiv Gunja

What SOPs were discussed?

EDSC Contingency Plan

  • how to re-run CI/CD for EDSC (rebuild/redeploy)

  • how to change environmental variables (Bamboo variables)

  • how to pin or update dependency versions
  • how to log into Snyk and view vulnerability reports
  • how to back-port vulnerability fixes
  • how to backup and restore database for EDSC
  • how to restore github
  • contact tree (aka phone tree)

Did all members who were responsible for the step present and knew their role?

  • Alicia as new first point of contact (and Heather as backup)
  • Matthew as technical lead (and Trevor as backup)
  • There is a call tree notification in the CP document that will need to be updated as Daniel and Alyssa are moving to new roles

Did you find places where an SOP or process could be improved or was not documented correctly?

  • No

Did you assign backups to your SMEs or people with key roles?

  • There is a call tree notification in the CP document which notes this information 

What is your cadence of CP training moving forward?

  • At a minimum, we will do the exercise yearly 

Actions

  • Daniel Dufour send Security an updated OSA with Alicia as first point of contact (and Heather as backup)
  • Trevor Lang , submit request for RSA token