This Control directly supports the implied Control(s):
Establish, implement, and maintain system continuity plan strategies., CC ID: 00735
This Control has the following implementation support Control(s):
Identify all critical business records., CC ID: 00737
SELECTED AUTHORITY DOCUMENTS COMPLIED WITH
The identity and location of critical files and the ability to conduct backups of user-level and system-level information (including system state information) shall be supported by the control system without affecting normal plant operations. (11.5.1 ¶ 1, IEC 62443-3-3: Industrial communication networks â Network and system security â Part 3-3: System security requirements and security levels, Edition 1)
Business continuity critical records may require additional protection and duplication methods to ensure accessibility during a disaster. (§ 4.3.7.1 ¶ 3, ISO 15489-2: 2001, Information and Documentation: Records management: Part 2: Guidelines)
The Records Officer, in consultation with the COOP point of contact, must inventory records and identify which ones are vital during an emergency; review the vital records for completeness and adequacy; duplicate vital records for storage and keep them offsite; and store vital records. (Ch 7 (Procedures), Department of Health and Human Services Records Management Procedures Manual, Version 1.0 Final Draft)
Vital records (electronic and hardcopy). (§ 3.6 ¶ 2 Bullet 8, NIST SP 800-34, Contingency Planning Guide for Federal Information Systems, Rev. 1 (Final))
