The continuity of operations or disaster recovery plans are exercised annually.
MAC / CONF
Disaster recovery plans are essential for mitigating the effects of emergencies, but without training, the threat of making mistakes during plan execution is high. Exercising disaster recovery plans annually followed by corrections and enhancements improve an organization’s disaster response capabilities.
1. The continuity of operations or disaster recovery plans shall be exercised annually to ensure plans are complete and viable. 2. The exercise shall be coordinated with management and other key personnel. 3. The exercise, if possible, shall not interrupt normal operations. 4. The results of the exercise shall be recorded and analyzed for improvements and enhancements.
Presidential Decision Directive 67, Enduring Constitutional Government and Continuity of Government Operations, October 1998
NIST SP 500-170, Management Guide to Protection of Information Resources, October 1989
NIST SP 800-34, Contingency Planning Guide for Information Technology Systems, June 2002
FIPS Publication 87, Guidelines for ADP Contingency Planning, March 1981
DoDI 3020.39, Integrated Continuity Planning for Defense Intelligence, 03 August 2001
DoDD 3020.36, Assignment of National Security Emergency Preparedness Responsibilities to DoD Components, 02 November 1988
DoDD 3020.26, Defense Continuity Program, 08 September 2004
DoDD 5137.1, Assistant Secretary of Defense for Command, Control, Communications, and Intelligence, 12 February 1992
DoD 8910.1-M, DoD Procedures for Management of Information Requirements, 30 June 1998
CJCSM 6510.01 Defense-in-Depth: Information Assurance (IA) and Computer Network Defense (CND), 25 March 2003