An error occurred:

© 2025 Xylok, LLC

Version: features-advanced-collector-898c2c - rmfrev4

Navigate

CCI-000457

CCI-000457 Definition

Develop a contingency plan for the system that is reviewed and approved by organization-defined personnel or roles.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

Validation Procedures

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-000457.

Control

Description

The organization:

a: Develops a contingency plan for the information system that:
- 1: Identifies essential missions and business functions and associated contingency requirements;
- 2: Provides recovery objectives, restoration priorities, and metrics;
- 3: Addresses contingency roles, responsibilities, assigned individuals with contact information;
- 4: Addresses maintaining essential missions and business functions despite an information system disruption, compromise, or failure;
- 5: Addresses eventual, full information system restoration without deterioration of the security safeguards originally planned and implemented; and
- 6: Is reviewed and approved by [one of ];

b: Distributes copies of the contingency plan to [one of ];

c: Coordinates contingency planning activities with incident handling activities;

d: Reviews the contingency plan for the information system [one of ];

e: Updates the contingency plan to address changes to the organization, information system, or environment of operation and problems encountered during contingency plan implementation, execution, or testing;

f: Communicates contingency plan changes to [one of ]; and

g: Protects the contingency plan from unauthorized disclosure and modification.