Description should include
types of backups (i.e., full, incremental, and differential)
backup locations (e.g., media, cloud)
discussion of the value of a backup as it relates to security.