State flag of Tennessee An official website of the Tennessee Secretary of State.

Certification Files

RDA Number
3064
Effective Date
Record Series Abstract
Records Series consist of but not limited to: Certification, Denial certifications, applications , letters, certifications, and document verification process to confirm certificates as Minority Business Enterprise, Woman Business Enterprise, Service Disabled Veterans and Small Business Enterprise.
Record Series Active
Yes
Cut Off at End of
Fiscal Year
Total Retention Years
5
Total Retention Months
0
Retention End Action
Destroy
Disposition Notes
Records are generated and uploaded into an Electronic Web Base Program which is maintained by a third party vendor. The approved certification records will be kept active for three years and inactive for 2 years and denial certification records will be kept for 5 years, then destroyed.
Record Location
Amazon AWS Data Center, Northern Virginia
File Arrangement
ALPHA
Media Format Generated
Electronic
Date Range
2010 to Current
Allotment Code
32110
Annual Accumulation
Electronic: 5GB/yr
Current Volume
Electronic: 37GB
Record Value
Administrative
Fiscal
Audit Requirements
State
Information Shared Outside the State
Yes
Shared Agencies
Contractors, Corporations outside of the State, Airport Authority
Essential Record
Yes - Original
Essential Record Stored
Primary and backup servers as detailed below
Essential Record Media Type
Electronic
Confidential
No
Does this Record Series Contain Sensitive Information?
No
Agency Retention
5
System Name
TN Diversity Software
Hardware Description
Within the secure facilities, B2Gnow employs state of the art system architecture. This allows B2Gnow to manage millions of records while being secure, robust and scalable. to maximize security, B2Gnow hardens all servers to CIS standards. Web servers are load balanced and they exchange data with a set of clustered database servers. Important data is stored on a redundant disk array that is regularly backed up. Inbound and outbound data is processed by a set of interface servers that perform all required actions. They either import and save the information to the database or export and send it to a designated customer system. The system contains the following components: Primary database instance (1), Reporting database instance (1), Backup database instance (1), Load balanced webservers (4), Email server (2), Import/Export servers (2), File servers (2), Secure FTP servers (2), Standard reporting servers (2), Ad-hoc reporting servers (2), Firewalls (2, Active-Active), Intrusion detection device (1), Intrusion prevention devices (2).
Software Description
Diversity Contract Compliance Management Software System using B2GNow software in key functional areas of vendor management, contract compliance, online application for certification and outreach and event management.
System Location
Amazon AWS Data Center, Northern Virginia
Backup Procedures
The Primary Database instance is replicated in real time to multiple database instances, including the Database instance in the Disaster Recovery environment. Daily database backups are saved locally to the Database server, with an additional copy saved to the Administrative server. Website files are backed up and saved to the Administrative server daily. Secondary website files are also saved to the Administrative server daily. The File Server Upload directories are synchronized to Amazon's S3 directory daily. The FTP Server Account directories are synchronized to Amazon's S3 directory weekly. All Amazon Web Services instances are updated nightly using bit-block-level snapshots of data drive volumes saved to Amazon's S3 Archive. These snapshots can be deployed to the Disaster Recovery environment for faster, more efficient builds of new instances. All data at rest in the system is copied and uploaded to a Microsoft Azure Cloud File Repository weekly. This location is managed by B2Gnow outside of Amazon Web Services as an additional safeguard in the event of a global Amazon infrastructure failure.
Disaster Recovery
Disaster recovery process is facilitated entirely by B2Gnow. This section details the general steps to successfully execute switch-over and switch-back between B2Gnow's Production and Disaster Recovery environments. B2Gnow's Disaster Recovery environment includes all mission-critical services and core system functionality. All B2Gnow DR infrastructure elements are maintained in hot spare or cold spare status, preconfigured and tested for instant activation and use. The majority of the time in the recovery timeline is test and verification activities before allowing users to access the system. Phase 1 (estimated completion time is about 15 minutes): Upon identified and validated system outage, a decision will be made by B2Gnow leadership regarding whether a full switch-over should be executed. If the cause of the outage is unable to be resolved locally within the Production environment, B2Gnow technical administrators will assess potential risk factors associated with a full switch-over to the Disaster Recovery environment. Phase 2 (estimated completion time is about 90 minutes): 1.Replace existing data volumes on each instance with the latest snapshots stored in Amazon's S3 Archive. 2.Activate any dormant Disaster Recovery instances. 3.Verify all website load balancers have the latest SSL security certificates deployed. 4.Verify/update domain usernames and passwords for disaster recovery domain authentication. Servers to be updated: Web Server User Account Web Server Virtual Directories Database Server User Mapping Task/Email Server User Account File Server Share Permissions Standard Reporting Server Manager 5.Update DNS records and perform the DNS bulk upload based on the environment information provided. This comprehensive list includes all: A DNS records SPF DNS records CNAME records Phase 3 (estimated completion time is about 30 minutes): 1.Test primary system functionality: B2Gnow Application Standard Reporting Customer Portals Web Service 2.Send notification to all clients, informing them of the situation and the fact that the B2Gnow system is currently running on a Disaster Recovery System. Disaster Recovery Restore-To-Production Process Phase 1 (estimated completion time is about 120 minutes): 1.All customer technical contacts are notified of the scheduled restoration window (with a minimum 48-hour notice). Restoration will be performed outside of normal business hours and will require final approval from B2Gnow's CEO, COO or Senior System Administrator before commencing. 2.B2Gnow technical administrators will activate all Production Instances. 3.A Maintenance Page will be activated by B2Gnow technical administrators to be displayed to all end users attempting to access the B2Gnow system. This is to keep users from logging in to the system and making any changes to any data in both the Production and Disaster Recovery systems until restoration to Production is complete. 4.All active sessions in the system will then be immediately terminated. 5.Synchronize all data at rest from the Disaster Recovery instances to Amazon's S3 Archive. 6.Synchronize all data at rest from Amazon's S3 Archive to B2Gnow's Production Instances. 7.Backup all databases from the Database Instance inside the Disaster Recovery environment to Amazon's S3 Archive. Copy those backup files from Amazon's S3 Archive to B2Gnow's Production Database Instance for file restoration. 8.Restore all database files to Production Database instances. 9.Verify that all website load balancers are fully configured and that each have the latest SSL security certificates deployed. 10.Verify/update domain usernames and passwords for production domain authentication. Servers to be updated: Web Server User Account Web Server Virtual Directories Database Server User Mapping Task/Email Server User Account File Server Share Permissions SQL Standard Reporting Server Manager 11.Update DNS records and perform the DNS bulk upload based on the environment information provided. This comprehensive list includes all: A DNS records SPF DNS records CNAME records 12.Remove all Maintenance Pages from Production and Disaster Recovery instances. 13.Make all non-required Disaster Recovery instances dormant. Phase 2 (estimated completion time is about 30 minutes): 1.Test primary system functionality, including: B2Gnow Application Standard Reporting Customer Portals Web Service Task Engines FTP Service Email Service Support Service Import/Export Service ADHOC Reporting 2.After testing is complete and all system restoration verified, notification will be sent out to all clients, informing them that full functionality of the B2Gnow system has been restored. 3.Restore the Database Replication from Production to multiple database Instances, including the Disaster Recovery environment.
Data Migration Description
The Governors Office of Diversity Business Enterprise Files are in Paper/Electronic format each will remain in their respective format. The goal of this migration is to scan and convert all Paper Records to Electronic Files and to gather all of the Electronic Diversity Business Enterprise data files into a single location, The TN Diversity Software Database, for storage, easy retrieval and to aid the archival and research process. The migration strategy is to create a common Database for storage and have all Diversity Business Enterprise Staff utilize the Database. The existing electronic Diversity Business Enterprise Files will be worked into the Database. Once the Diversity Business Enterprise Files have met their retention period, both electronic and paper files will be destroyed.
Records Management Division (RMD)
03-02-2017
No recommended changes.
Tennessee State Library and Archives
03-02-2017
No recommended changes.
Comptroller Audit Review
03-06-2017
We have reviewed RDA 3064 from an audit standpoint. We concur with the recommended retention and disposition specifications.
Agency Records Officer
03-07-2017
Agency concurs with no recommended changes.
RMD Director
03-08-2017
RDA 3064 is a request to revise an RDA. The retention period will increase from two years to five years and the format will change to electronic. The Abstract, Cut Off, Disposition Notes, and Worksheet have been updated. Recommend approval of request to revise RDA 3064.
Public Records Commission
03-28-2017
PRC approves RDA 3064