Back

Review the alternate facility preparation procedures.


CONTROL ID
04884
CONTROL TYPE
Systems Continuity
CLASSIFICATION
Detective

SUPPORTING AND SUPPORTED CONTROLS




This Control directly supports the implied Control(s):
  • Prepare the alternate facility for an emergency offsite relocation., CC ID: 00744

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH




  • Assesses as feasible, the effectiveness of security controls at alternate work sites; and (PE-17b., StateRAMP Security Controls Baseline Summary Category 2, Version 1.1)
  • Assesses as feasible, the effectiveness of security controls at alternate work sites; and (PE-17b., StateRAMP Security Controls Baseline Summary Category 3, Version 1.1)
  • Assesses as feasible, the effectiveness of security controls at alternate work sites; and (PE-17b., StateRAMP Security Controls Baseline Summary High Sensitivity Level, Version 1.1)
  • The entity authorizes, designs, develops or acquires, implements, operates, approves, maintains, and monitors environmental protections, software, data back-up processes, and recovery infrastructure to meet its objectives. (A1.2, Trust Services Criteria)
  • The entity authorizes, designs, develops or acquires, implements, operates, approves, maintains, and monitors environmental protections, software, data backup processes, and recovery infrastructure to meet its objectives. (A1.2 ¶ 1, Trust Services Criteria, (includes March 2020 updates))
  • Environmental protections, software, data backup processes, and recovery infrastructure are authorized, designed, developed, implemented, operated, approved, maintained, and monitored to meet the entity’s availability commitments and system requirements. (A1.2, TSP 100A - Trust Services Principles and Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy)
  • Ensure an alternate site is identified that permits the partial restoration of mission. (COAS-1, DoD Instruction 8500.2 Information Assurance (IA) Implementation)
  • Authorities, responsibilities, and relocation strategies. (V Action Summary ¶ 2 Bullet 1, FFIEC Business Continuity Planning (BCP) IT Examination Handbook, November 2019)
  • Assesses as feasible, the effectiveness of security controls at alternate work sites; and (PE-17b. High Baseline Controls, FedRAMP Baseline Security Controls, 8/28/2018)
  • Assesses as feasible, the effectiveness of security controls at alternate work sites; and (PE-17b. Moderate Baseline Controls, FedRAMP Baseline Security Controls, 8/28/2018)
  • Assess the effectiveness of controls at alternate work sites; and (PE-17c., Control Baselines for Information Systems and Organizations, NIST SP 800-53B, High Impact Baseline, October 2020)
  • Assess the effectiveness of controls at alternate work sites; and (PE-17c., Control Baselines for Information Systems and Organizations, NIST SP 800-53B, Moderate Impact Baseline, October 2020)
  • Assesses as feasible, the effectiveness of security controls at alternate work sites; and (PE-17b. Moderate Baseline Controls, Guide to Industrial Control Systems (ICS) Security, Revision 2)
  • Assesses as feasible, the effectiveness of security controls at alternate work sites; and (PE-17b. High Baseline Controls, Guide to Industrial Control Systems (ICS) Security, Revision 2)
  • The organization assesses as feasible, the effectiveness of security controls at alternate work sites. (PE-17b., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Deprecated, Revision 4, Deprecated)
  • The organization assesses as feasible, the effectiveness of security controls at alternate work sites. (PE-17b., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, High Impact Baseline, Deprecated, Revision 4, Deprecated)
  • The organization assesses as feasible, the effectiveness of security controls at alternate work sites. (PE-17b., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Moderate Impact Baseline, Deprecated, Revision 4, Deprecated)
  • Assesses as feasible, the effectiveness of security controls at alternate work sites; and (PE-17b., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, High Impact Baseline, Revision 4)
  • Assesses as feasible, the effectiveness of security controls at alternate work sites; and (PE-17b., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Moderate Impact Baseline, Revision 4)
  • Assesses as feasible, the effectiveness of security controls at alternate work sites; and (PE-17b., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Revision 4)
  • Assess the effectiveness of controls at alternate work sites; and (PE-17c., Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5)
  • Assesses as feasible, the effectiveness of security controls at alternate work sites; and (PE-17b., Supply Chain Risk Management Practices for Federal Information Systems and Organizations, NIST Special Publication 800-161, April 2015)
  • Assesses as feasible, the effectiveness of security controls at alternate work sites; and (PE-17b., TX-RAMP Security Controls Baseline Level 2)