Navigate

CCI-001192

CCI-001192 Definition

Defines types of system failures for which should fail to an organization-defined known system state.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

Determine if [SC-24_ODP[01]; types of system failures for which the system components fail to a known state are defined] fail to a [SC-24_ODP[02]; known system state to which system components fail in the event of a system failure is defined] while preserving [SC-24_ODP[03]; system state information to be preserved in the event of a system failure is defined] in failure.

Validation Procedures

Examine: [SELECT FROM: System and communications protection policy; procedures addressing system failure to known state; system design documentation; system configuration settings and associated documentation; list of failures requiring system to fail in a known state; state information to be preserved in system failure; system audit records; system security plan; other relevant documents or records]. Interview: [SELECT FROM: System/network administrators; organizational personnel with information security responsibilities; system developer]. Test: [SELECT FROM: Mechanisms supporting and/or implementing the fail in known state capability; mechanisms preserving system state information in the event of a system failure].

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-001192.

Control	Description
SC-24	Fail to a [known system state to which system components fail in the event of a system failure is defined;] for the following failures on the indicated components while preserving [system state information to be preserved in the event of a system failure is defined;] in failure: [types of system failures for which the system components fail to a known state are defined;].