Guidance for NIST 800-171 Assessment & Compliance
Table E-6: Tailoring Actions for Contingency Planning Controls36
NIST SP 800-53 MODERATE BASELINE SECURITY CONTROLS |
TAILORING |
|
CP-1 |
Contingency Planning Policy and Procedures |
NCO |
CP-2 |
Contingency Plan |
NCO |
CP-2(1) |
CONTINGENCY PLAN | COORDINATE WITH RELATED PLANS |
NCO |
CP-2(3) |
CONTINGENCY PLAN | RESUME ESSENTIAL MISSIONS / BUSINESS FUNCTIONS |
NCO |
CP-2(8) |
CONTINGENCY PLAN | IDENTIFY CRITICAL ASSETS |
NCO |
CP-3 |
Contingency Training |
NCO |
CP-4 |
Contingency Plan Testing |
NCO |
CP-4(1) |
CONTINGENCY PLAN TESTING | COORDINATE WITH RELATED PLANS |
NCO |
CP-6 |
Alternate Storage Site |
NCO |
CP-6(1) |
ALTERNATE STORAGE SITE | SEPARATION FROM PRIMARY SITE |
NCO |
CP-6(3) |
ALTERNATE STORAGE SITE | ACCESSIBILITY |
NCO |
CP-7 |
Alternate Processing Site |
NCO |
CP-7(1) |
ALTERNATE PROCESSING SITE | SEPARATION FROM PRIMARY SITE |
NCO |
CP-7(2) |
ALTERNATE PROCESSING SITE | ACCESSIBILITY |
NCO |
CP-7(3) |
ALTERNATE PROCESSING SITE | PRIORITY OF SERVICE |
NCO |
CP-8 |
Telecommunications Services |
NCO |
CP-8(1) |
TELECOMMUNICATIONS SERVICES | PRIORITY OF SERVICE PROVISIONS |
NCO |
CP-8(2) |
TELECOMMUNICATIONS SERVICES | SINGLE POINTS OF FAILURE |
NCO |
CP-9 |
Information System Backup |
CUI |
CP-9(1) |
INFORMATION SYSTEM BACKUP | TESTING FOR RELIABILITY / INTEGRITY |
NCO |
CP-10 |
Information System Recovery and Reconstitution |
NCO |
CP-10(2) |
INFORMATION SYSTEM RECOVERY AND RECONSTITUTION | TRANSACTION RECOVERY |
NCO |
