Skip to main content

πŸ’Ό CP-9 System Backup

  • Contextual name: πŸ’Ό CP-9 System Backup
  • ID: /frameworks/nist-sp-800-53-r5/cp/09
  • Located in: πŸ’Ό CP Contingency Planning

Description​

a. Conduct backups of user-level information contained in [Assignment: organization-defined system components] [Assignment: organization-defined frequency consistent with recovery time and recovery point objectives]; b. Conduct backups of system-level information contained in the system [Assignment: organization-defined frequency consistent with recovery time and recovery point objectives]; c. Conduct backups of system documentation, including security- and privacy-related documentation [Assignment: organization-defined frequency consistent with recovery time and recovery point objectives]; and
d. Protect the confidentiality, integrity, and availability of backup information.

Similar​

  • Sections
    • /frameworks/aws-fsbp-v1.0.0/dynamodb/02
    • /frameworks/aws-fsbp-v1.0.0/efs/02
    • /frameworks/aws-fsbp-v1.0.0/elasticache/01
    • /frameworks/aws-fsbp-v1.0.0/fsx/02
    • /frameworks/aws-fsbp-v1.0.0/rds/11
    • /frameworks/aws-fsbp-v1.0.0/rds/14
    • /frameworks/aws-fsbp-v1.0.0/redshift/03
    • /frameworks/aws-fsbp-v1.0.0/redshift/06
    • /frameworks/aws-fsbp-v1.0.0/s3/13
  • Internal
    • ID: dec-c-e8e4c9c8

Similar Sections (Take Policies From)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό AWS Foundational Security Best Practices v1.0.0 β†’ πŸ’Ό [DynamoDB.2] DynamoDB tables should have point-in-time recovery enabled
πŸ’Ό AWS Foundational Security Best Practices v1.0.0 β†’ πŸ’Ό [EFS.2] Amazon EFS volumes should be in backup plans
πŸ’Ό AWS Foundational Security Best Practices v1.0.0 β†’ πŸ’Ό [ElastiCache.1] ElastiCache (Redis OSS) clusters should have automatic backups enabled
πŸ’Ό AWS Foundational Security Best Practices v1.0.0 β†’ πŸ’Ό [FSx.2] FSx for Lustre file systems should be configured to copy tags to backups
πŸ’Ό AWS Foundational Security Best Practices v1.0.0 β†’ πŸ’Ό [RDS.11] RDS instances should have automatic backups enabled
πŸ’Ό AWS Foundational Security Best Practices v1.0.0 β†’ πŸ’Ό [RDS.14] Amazon Aurora clusters should have backtracking enabled
πŸ’Ό AWS Foundational Security Best Practices v1.0.0 β†’ πŸ’Ό [Redshift.3] Amazon Redshift clusters should have automatic snapshots enabled
πŸ’Ό AWS Foundational Security Best Practices v1.0.0 β†’ πŸ’Ό [Redshift.6] Amazon Redshift should have automatic upgrades to major versions enabled
πŸ’Ό AWS Foundational Security Best Practices v1.0.0 β†’ πŸ’Ό [S3.13] S3 general purpose buckets should have Lifecycle configurations11

Similar Sections (Give Policies To)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό FedRAMP High Security Controls β†’ πŸ’Ό CP-9 System Backup (L)(M)(H)556
πŸ’Ό FedRAMP Low Security Controls β†’ πŸ’Ό CP-9 System Backup (L)(M)(H)6
πŸ’Ό NIST CSF v2.0 β†’ πŸ’Ό PR.DS-01: The confidentiality, integrity, and availability of data-at-rest are protected82
πŸ’Ό NIST CSF v2.0 β†’ πŸ’Ό PR.DS-10: The confidentiality, integrity, and availability of data-in-use are protected67
πŸ’Ό NIST CSF v2.0 β†’ πŸ’Ό PR.DS-11: Backups of data are created, protected, maintained, and tested6
πŸ’Ό NIST CSF v2.0 β†’ πŸ’Ό RC.RP-03: The integrity of backups and other restoration assets is verified before using them for restoration1

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό CP-9(1) System Backup _ Testing for Reliability and Integrity
πŸ’Ό CP-9(2) System Backup _ Test Restoration Using Sampling
πŸ’Ό CP-9(3) System Backup _ Separate Storage for Critical Information
πŸ’Ό CP-9(4) System Backup _ Protection from Unauthorized Modification
πŸ’Ό CP-9(5) System Backup _ Transfer to Alternate Storage Site
πŸ’Ό CP-9(6) System Backup _ Redundant Secondary System
πŸ’Ό CP-9(7) System Backup _ Dual Authorization for Deletion or Destruction
πŸ’Ό CP-9(8) System Backup _ Cryptographic Protection

Policies (1)​

PolicyLogic CountFlags
πŸ“ AWS S3 Bucket Lifecycle Configuration is not enabled 🟒1🟒 x6