Back

Reconfigure restored systems to meet the Recovery Point Objectives.


CONTROL ID
01256
CONTROL TYPE
Configuration
CLASSIFICATION
Corrective

SUPPORTING AND SUPPORTED CONTROLS




This Control directly supports the implied Control(s):
  • Establish, implement, and maintain Recovery Point Objectives for all in scope systems., CC ID: 15719

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH




  • The system should allow users the ability to rollback (undo) some or all tasks that have been performed within predetermined limits, such as a time limit, a certain number of operations, or a certain number of characters. (§ 11.10, § F.10, ISO 15408-2 Common Criteria for Information Technology Security Evaluation Part 2, 2008)
  • For cloud computing services, is there a specific Recovery Point Objective? (§ V.1.56, Shared Assessments Standardized Information Gathering Questionnaire - V. Cloud, 7.0)
  • The organization must include, but not limit, the secure information system recovery and reconstitution procedures to: resetting all system parameters; reestablishing configuration settings; reinstalling system and application software; reinstalling patches; and fully testing the system. (CSR 3.6.7, Pub 100-17 Medicare Business Partners Systems Security, Transmittal 7, Appendix A: CMS Core Security Requirements CSR, March 17, 2006)
  • The system shall be able to rebuild the system from any backup copy. (§ C2.2.9.4, Design Criteria Standard for Electronic Records Management Software Application, DoD 5015.2)
  • (§ 3.1, Federal Information System Controls Audit Manual (FISCAM), February 2009)
  • Can the firewall be quickly reconfigured from the backup? (IT - Firewalls Q 27, Automated Integrated Regulatory Examination System (AIRES) IT Exam Questionnaires, version 073106A)
  • Contingency Planning (CP): Organizations must establish, maintain, and effectively implement plans for emergency response, backup operations, and post-disaster recovery for organizational information systems to ensure the availability of critical information resources and continuity of operations in… (§ 3, FIPS Pub 200, Minimum Security Requirements for Federal Information and Information Systems, March 2006)
  • Organizational records and documents should be examined to ensure procedures for the recovery and reconstitution of the system are in place; tests are performed on the recovery and reconstitution procedures; the required information needed to be captured prior to disruption or failure has been ident… (CP-10, CP-10.5, Guide for Assessing the Security Controls in Federal Information Systems, NIST SP 800-53A)
  • The organization should provide the capability to restore the system in defined restoration time periods from a backup. (SG.CP-10 Requirement Enhancements 2, NISTIR 7628 Guidelines for Smart Grid Cyber Security: Vol. 1, Smart Grid Cyber Security Strategy, Architecture, and High-Level Requirements, August 2010)
  • The organization must provide for system recovery and reconstitution to a known state after a disruption, compromise, or failure. (App F § CP-10, Recommended Security Controls for Federal Information Systems, NIST SP 800-53)
  • The organization should transfer component responsibilities to a substitute component no later than a defined percentage or fraction of mean time to failure, when a system component is taken out of service. (App F § SI-13(1), Recommended Security Controls for Federal Information Systems, NIST SP 800-53)
  • The organization should ensure the standby component successfully and transparently assumes operational status inside a predetermined time period whenever a system component failure is detected. (App F § SI-13(4)(a), Recommended Security Controls for Federal Information Systems, NIST SP 800-53)
  • The restoration of system state variables must be included in the reconstitution of the Industrial Control System. (App I § CP-10, Recommended Security Controls for Federal Information Systems, NIST SP 800-53)
  • The organization provides for the recovery and reconstitution of the information system to a known state after a disruption, compromise, or failure. (CP-10 Control, Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Deprecated, Revision 4, Deprecated)
  • The organization provides the capability to restore information system components within {organizationally documented restoration time-periods} from configuration-controlled and integrity-protected information representing a known, operational state for the components. (CP-10(4), Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Deprecated, Revision 4, Deprecated)
  • The organization provides substitute information system components and a means to exchange active and standby components at {organizationally documented MTTF substitution criteria}. (SI-13b., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Deprecated, Revision 4, Deprecated)
  • The organization takes information system components out of service by transferring component responsibilities to substitute components no later than {organizationally documented fraction or percentage} of mean time to failure. (SI-13(1), Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Deprecated, Revision 4, Deprecated)
  • The organization manually initiates transfers between active and standby information system components {organizationally documented frequency} if the mean time to failure exceeds {organizationally documented time period}. (SI-13(3), Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Deprecated, Revision 4, Deprecated)
  • The organization, if information system component failures are detected ensures that the standby components are successfully and transparently installed within {organizationally documented time period}. (SI-13(4)(a), Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Deprecated, Revision 4, Deprecated)
  • The organization provides for the recovery and reconstitution of the information system to a known state after a disruption, compromise, or failure. (CP-10 Control, Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, High Impact Baseline, Deprecated, Revision 4, Deprecated)
  • The organization provides the capability to restore information system components within {organizationally documented restoration time-periods} from configuration-controlled and integrity-protected information representing a known, operational state for the components. (CP-10(4), Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, High Impact Baseline, Deprecated, Revision 4, Deprecated)
  • The organization provides for the recovery and reconstitution of the information system to a known state after a disruption, compromise, or failure. (CP-10 Control, Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Low Impact Baseline, Deprecated, Revision 4, Deprecated)
  • The organization provides for the recovery and reconstitution of the information system to a known state after a disruption, compromise, or failure. (CP-10 Control, Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Moderate Impact Baseline, Deprecated, Revision 4, Deprecated)