>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

CP-10Information System Recovery And Reconstitution

PBMM (P3)
Secret (P3)
Operational

>Control Description

(A) The organization provides for the recovery and reconstitution of the information system to a known state after a disruption, compromise, or failure.

>Supplemental Guidance

Recovery is executing information system contingency plan activities to restore organizational missions/business functions. Reconstitution takes place following recovery and includes activities for returning organizational information systems to fully operational states. Recovery and reconstitution operations reflect mission and business priorities, recovery point/time and reconstitution objectives, and established organizational metrics consistent with contingency plan requirements.

Reconstitution includes the deactivation of any interim information system capabilities that may have been needed during recovery operations. Reconstitution also includes assessments of fully restored information system capabilities, reestablishment of continuous monitoring activities, potential information system reauthorizations, and activities to prepare the systems against future disruptions, compromises, or failures. Recovery/reconstitution capabilities employed by organizations can include both automated mechanisms and manual procedures.

Related controls: CA-2, CA-6, CA-7, CP-2, CP-4, CP-6, CP-7, CP-9, SC-24

>Tailoring Guidance

Rather than re-building systems from scratch this control enhancement ensures that organizations re-build systems from either a secure image or baseline. This approach will improve the effectiveness of the recovery process.

Ask AI

Configure your API key to use AI features.