Navigate

CCI-002850

CCI-002850 Definition

Store backup copies of organization-defined critical system software and other security-related information in a separate facility or in a fire-rated container that is not collocated with the operational system.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

Determine if backup copies of [CP-09(03)_ODP; critical system software and other security-related information backups to be stored in a separate facility are defined] are stored in a separate facility or in a fire rated container that is not collocated with the operational system.

Validation Procedures

Examine: [SELECT FROM: Contingency planning policy; procedures addressing system backup; contingency plan; backup storage location(s); system backup configurations and associated documentation; system backup logs or records; system security plan; other relevant documents or records]. Interview: [SELECT FROM: Organizational personnel with contingency planning and plan implementation responsibilities; organizational personnel with system backup responsibilities; organizational personnel with information security responsibilities].

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002850.

Control	Description
CP-9(3)	Store backup copies of [critical system software and other security-related information backups to be stored in a separate facility are defined;] in a separate facility or in a fire rated container that is not collocated with the operational system.