>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

CP-2Contingency Plan

>Control Description

a

Develop a contingency plan for the system that:

1.

Identifies essential mission and business functions and associated contingency requirements;

2.

Provides recovery objectives, restoration priorities, and metrics;

3.

Addresses contingency roles, responsibilities, assigned individuals with contact information;

4.

Addresses maintaining essential mission and business functions despite a system disruption, compromise, or failure;

5.

Addresses eventual, full system restoration without deterioration of the controls originally planned and implemented;

6.

Addresses the sharing of contingency information; and

7.

Is reviewed and approved by organization-defined personnel or roles;

b

Distribute copies of the contingency plan to organization-defined key contingency personnel (identified by name and/or by role) and organizational elements;

c

Coordinate contingency planning activities with incident handling activities;

d

Review the contingency plan for the system organization-defined frequency;

e

Update the contingency plan to address changes to the organization, system, or environment of operation and problems encountered during contingency plan implementation, execution, or testing;

f

Communicate contingency plan changes to organization-defined key contingency personnel (identified by name and/or by role) and organizational elements;

g

Incorporate lessons learned from contingency plan testing, training, or actual contingency activities into contingency testing and training; and

h

Protect the contingency plan from unauthorized disclosure and modification.

>Related Controls

CP-3
CP-4
CP-6
CP-7
CP-8
CP-9
CP-10
CP-11
CP-13
IR-4
IR-6
IR-8
IR-9
MA-6
MP-2
MP-4
MP-5
PL-2
PM-8
PM-11
SA-15
SA-20
SC-7
SC-23
SI-12

Ask AI

Configure your API key to use AI features.