UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Backup and recovery procedures should be developed, documented, implemented and periodically tested.


Overview

Finding ID Version Rule ID IA Controls Severity
V-15129 DG0020-ORACLE11 SV-24608r1_rule CODP-1 CODP-2 CODP-3 Medium
Description
Problems with backup procedures or backup media may not be discovered until after a recovery is needed. Testing and verification of procedures provides the opportunity to discover oversights, conflicts, or other issues in the backup procedures or use of media designed to be used.
STIG Date
Oracle 11 Database Installation STIG 2014-01-14

Details

Check Text ( C-29108r1_chk )
Review documented backup testing and recovery verification procedures noted or documented in the System Security Plan.

Review evidence of implementation of testing and verification procedures by reviewing logs from backup and recovery implementation.

Logs may be in electronic or hardcopy and may include email or other notification.

If backup testing and recovery verification are not documented or noted in the System Security Plan, this is a Finding.

If evidence of backup testing and recovery verification does not exist, this is a Finding.
Fix Text (F-26111r1_fix)
Design, document and implement backup testing and recovery verification procedures for the DBMS host and all individual database instances and either include or note the name, location, version and current revision date of any external documentation in the System Security Plan.

Include any requirements for documenting database backup and recovery testing and verification activities in the procedures.