CP-10 INFORMATION SYSTEM RECOVERY AND RECONSTITUTION


Overview

| Number | Title | Impact | Priority | Subject Area |
|--------|-------|--------|----------|--------------|
| CP-10 | Information System Recovery And Reconstitution | LOW | P1 | Contingency Planning |

Instructions
The organization provides for the recovery and reconstitution of the information system to a known state after a disruption, compromise, or failure.
Guidance
Recovery is executing information system contingency plan activities to restore organizational missions/business functions. Reconstitution takes place following recovery and includes activities for returning organizational information systems to fully operational states. Recovery and reconstitution operations reflect mission and business priorities, recovery point/time and reconstitution objectives, and established organizational metrics consistent with contingency plan requirements. Reconstitution includes the deactivation of any interim information system capabilities that may have been needed during recovery operations. Reconstitution also includes assessments of fully restored information system capabilities, reestablishment of continuous monitoring activities, potential information system reauthorizations, and activities to prepare the systems against future disruptions, compromises, or failures. Recovery/reconstitution capabilities employed by organizations can include both automated mechanisms and manual procedures.

Enhancements
CP-10 (1) Contingency Plan Testing

Withdrawn: Incorporated into CP-4.

CP-10 (2) Transaction Recovery MODERATE
Transaction-based information systems include, for example, database management systems and transaction processing systems. Mechanisms supporting transaction recovery include, for example, transaction rollback and transaction journaling.

The information system implements transaction recovery for systems that are transaction-based.

CP-10 (3) Compensating Security Controls

Withdrawn: Addressed through tailoring procedures.

CP-10 (4) Restore Within Time Period HIGH
Restoration of information system components includes, for example, reimaging which restores components to known, operational states.

The organization provides the capability to restore information system components within [Assignment: organization-defined restoration time-periods] from configuration-controlled and integrity-protected information representing a known, operational state for the components.

CP-10 (5) Failover Capability

Withdrawn: Incorporated into SI-13.

CP-10 (6) Component Protection
Protection of backup and restoration hardware, firmware, and software components includes both physical and technical safeguards. Backup and restoration software includes, for example, router tables, compilers, and other security-relevant system software.

The organization protects backup and restoration hardware, firmware, and software.