Back

Conduct full recovery and restoration of service testing for high impact systems at the alternate facility.


CONTROL ID
01404
CONTROL TYPE
Testing
CLASSIFICATION
Detective

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Test the continuity plan, as necessary., CC ID: 00755

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • The institution should consider worst case scenarios in its business continuity plans. Some examples of these scenarios are unavailability of service provider due to unexpected termination of the outsourcing agreement, liquidation of the service provider and wide-area disruptions that result in coll… (5.7.4, Guidelines on Outsourcing)
  • include testing of an adequate set of severe but plausible scenarios including those considered for the development of the BCPs (as well as testing of services provided by third parties, where applicable); this should include the switch-over of critical business functions, supporting processes and i… (3.7.4 89(a), Final Report EBA Guidelines on ICT and security risk management)
  • Tests of Business Continuity plans and arrangements should include an assessment of the restored technical security infrastructure. (CF.20.07.05, The Standard of Good Practice for Information Security)
  • Tests of Business Continuity plans and arrangements should include an assessment of the restored technical security infrastructure. (CF.20.07.05, The Standard of Good Practice for Information Security, 2013)
  • The contingency plan testing must include a full recovery and reconstitution of the information system. (CSR 3.6.7, Pub 100-17 Medicare Business Partners Systems Security, Transmittal 7, Appendix A: CMS Core Security Requirements CSR, March 17, 2006)
  • Data replication between CSP geographically separate facilities/data centers is typically required for Disaster Recovery (DR) and/or Continuity of Operations (COOP) which includes backup. (Section 5.10.3.3 ¶ 2, Department of Defense Cloud Computing Security Requirements Guide, Version 1, Release 3)
  • Testing recovery of data lost when switching to out-of-region, asynchronous back-up facilities. (TIER II OBJECTIVES AND PROCEDURES Testing Strategy Objective 1: Event Scenarios 2 Bullet 5, FFIEC Business Continuity Planning (BCP) IT Examination Handbook, February 2015)
  • Determine whether management verifies that redundant electronic payment systems and equipment (e.g., tokens and routers) are included at recovery sites for activation and that documentation is maintained for timely posting of entries when systems are recovered. (App A Objective 8:8b, FFIEC Business Continuity Planning (BCP) IT Examination Handbook, November 2019)
  • Operate and perform duties (e.g., daily, quarterly, annually) from an alternate site. (App A Objective 10:15b, FFIEC Business Continuity Planning (BCP) IT Examination Handbook, November 2019)
  • Whether external exercise and test strategies include the significant firm's backup sites to the core firm's backup sites. (App A Objective 10:27a, FFIEC Business Continuity Planning (BCP) IT Examination Handbook, November 2019)
  • Whether the significant firm participates in industry (e.g., U.S. Department of the Treasury's Hamilton Series and FS-ISAC's CAPS exercises) or cross-market tests sponsored by core firms, markets, or trade associations. Tests should incorporate verifying the connectivity from alternate sites and inc… (App A Objective 10:27b, FFIEC Business Continuity Planning (BCP) IT Examination Handbook, November 2019)
  • Contingency Planning (CP): Organizations must establish, maintain, and effectively implement plans for emergency response, backup operations, and post-disaster recovery for organizational information systems to ensure the availability of critical information resources and continuity of operations in… (§ 3, FIPS Pub 200, Minimum Security Requirements for Federal Information and Information Systems, March 2006)
  • Organizational records and documents should be examined to ensure the testing of the contingency plan includes a full recovery and reconstitution of the information system(s). (CP-10(1), Guide for Assessing the Security Controls in Federal Information Systems, NIST SP 800-53A)
  • Two or more organizations with similar or identical system configurations and backup technologies may enter into a formal agreement to serve as alternate sites for each other or enter into a joint contract for an alternate site. This type of site is set up via a reciprocal agreement or memorandum of… (§ 3.4.3 ¶ 8, NIST SP 800-34, Contingency Planning Guide for Federal Information Systems, Rev. 1 (Final))
  • For high-impact systems, a full-scale functional exercise at an organization-defined frequency should be conducted. The full-scale functional exercise should include a system failover to the alternate location. This could include additional activities such as full notification and response of key pe… (§ 3.5.4 ¶ 2 Bullet 3, NIST SP 800-34, Contingency Planning Guide for Federal Information Systems, Rev. 1 (Final))
  • The organization should include a full recovery and reconstitution of the system to a known state in the contingency plan testing. (App F § CP-4(4), Recommended Security Controls for Federal Information Systems, NIST SP 800-53)
  • The organization includes a full recovery and reconstitution of the information system to a known state as part of contingency plan testing. (CP-4(4), Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Deprecated, Revision 4, Deprecated)
  • The organization includes a full recovery and reconstitution of the information system to a known state as part of contingency plan testing. (CP-4(4) ¶ 1, Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Revision 4)
  • Include a full recovery and reconstitution of the system to a known state as part of contingency plan testing. (CP-4(4) ¶ 1, Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5)
  • Include a full recovery and reconstitution of the system to a known state as part of contingency plan testing. (CP-4(4) ¶ 1, Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5.1.1)