Skip to main content

💼 CP-10 System Recovery and Reconstitution

  • Contextual name: 💼 CP-10 System Recovery and Reconstitution
  • ID: /frameworks/nist-sp-800-53-r5/cp/10
  • Located in: 💼 CP Contingency Planning

Description

Provide for the recovery and reconstitution of the system to a known state within [Assignment: organization-defined time period consistent with recovery time and recovery point objectives] after a disruption, compromise, or failure.

Similar

  • Sections
    • /frameworks/aws-fsbp-v1.0.0/auto-scaling/02
    • /frameworks/aws-fsbp-v1.0.0/auto-scaling/06
    • /frameworks/aws-fsbp-v1.0.0/cloudfront/04
    • /frameworks/aws-fsbp-v1.0.0/dynamodb/01
    • /frameworks/aws-fsbp-v1.0.0/dynamodb/02
    • /frameworks/aws-fsbp-v1.0.0/ec2/20
    • /frameworks/aws-fsbp-v1.0.0/efs/02
    • /frameworks/aws-fsbp-v1.0.0/elasticache/01
    • /frameworks/aws-fsbp-v1.0.0/elasticache/03
    • /frameworks/aws-fsbp-v1.0.0/elb/09
    • /frameworks/aws-fsbp-v1.0.0/elb/10
    • /frameworks/aws-fsbp-v1.0.0/elb/13
    • /frameworks/aws-fsbp-v1.0.0/es/06
    • /frameworks/aws-fsbp-v1.0.0/es/07
    • /frameworks/aws-fsbp-v1.0.0/lambda/05
    • /frameworks/aws-fsbp-v1.0.0/opensearch/06
    • /frameworks/aws-fsbp-v1.0.0/rds/05
    • /frameworks/aws-fsbp-v1.0.0/rds/11
    • /frameworks/aws-fsbp-v1.0.0/rds/14
    • /frameworks/aws-fsbp-v1.0.0/rds/15
    • /frameworks/aws-fsbp-v1.0.0/redshift/03
    • /frameworks/aws-fsbp-v1.0.0/s3/13
    • /frameworks/aws-fsbp-v1.0.0/sagemaker/04
  • Internal
    • ID: dec-c-2745b750

Similar Sections (Take Policies From)

SectionSub SectionsInternal RulesPoliciesFlags
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [AutoScaling.2] Amazon EC2 Auto Scaling group should cover multiple Availability Zones
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [AutoScaling.6] Auto Scaling groups should use multiple instance types in multiple Availability Zones
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [CloudFront.4] CloudFront distributions should have origin failover configured
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [DynamoDB.1] DynamoDB tables should automatically scale capacity with demand11
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [DynamoDB.2] DynamoDB tables should have point-in-time recovery enabled11
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [EC2.20] Both VPN tunnels for an AWS Site-to-Site VPN connection should be up1
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [EFS.2] Amazon EFS volumes should be in backup plans
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [ElastiCache.1] ElastiCache (Redis OSS) clusters should have automatic backups enabled
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [ElastiCache.3] ElastiCache replication groups should have automatic failover enabled
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [ELB.9] Classic Load Balancers should have cross-zone load balancing enabled
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [ELB.10] Classic Load Balancer should span multiple Availability Zones
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [ELB.13] Application, Network and Gateway Load Balancers should span multiple Availability Zones
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [ES.6] Elasticsearch domains should have at least three data nodes
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [ES.7] Elasticsearch domains should be configured with at least three dedicated master nodes
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Lambda.5] VPC Lambda functions should operate in multiple Availability Zones
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Opensearch.6] OpenSearch domains should have at least three data nodes
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [RDS.5] RDS DB instances should be configured with multiple Availability Zones11
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [RDS.11] RDS instances should have automatic backups enabled
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [RDS.14] Amazon Aurora clusters should have backtracking enabled
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [RDS.15] RDS DB clusters should be configured for multiple Availability Zones
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Redshift.3] Amazon Redshift clusters should have automatic snapshots enabled
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [S3.13] S3 general purpose buckets should have Lifecycle configurations11
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [SageMaker.4] SageMaker AI endpoint production variants should have an initial instance count greater than 1

Similar Sections (Give Policies To)

SectionSub SectionsInternal RulesPoliciesFlags
💼 FedRAMP High Security Controls → 💼 CP-10 System Recovery and Reconstitution (L)(M)(H)26
💼 FedRAMP Low Security Controls → 💼 CP-10 System Recovery and Reconstitution (L)(M)(H)6
💼 NIST CSF v2.0 → 💼 RC.RP-01: The recovery portion of the incident response plan is executed once initiated from the incident response process6
💼 NIST CSF v2.0 → 💼 RC.RP-02: Recovery actions are selected, scoped, prioritized, and performed6
💼 NIST CSF v2.0 → 💼 RC.RP-05: The integrity of restored assets is verified, systems and services are restored, and normal operating status is confirmed6

Sub Sections

SectionSub SectionsInternal RulesPoliciesFlags
💼 CP-10(1) System Recovery and Reconstitution _ Contingency Plan Testing
💼 CP-10(2) System Recovery and Reconstitution _ Transaction Recovery
💼 CP-10(3) System Recovery and Reconstitution _ Compensating Security Controls
💼 CP-10(4) System Recovery and Reconstitution _ Restore Within Time Period
💼 CP-10(5) System Recovery and Reconstitution _ Failover Capability
💼 CP-10(6) System Recovery and Reconstitution _ Component Protection

Policies (6)

PolicyLogic CountFlags
📝 AWS DynamoDB Provisioned Table Auto Scaling is not configured 🟢1🟢 x6
📝 AWS DynamoDB Table Point In Time Recovery is not enabled 🟢1🟢 x6
📝 AWS RDS Instance Multi-AZ Deployment is not enabled 🟢1🟢 x6
📝 AWS S3 Bucket Lifecycle Configuration is not enabled 🟢1🟢 x6
📝 AWS VPC VPN Connection does not have both Tunnels up 🟢1🟢 x6
📝 Google Cloud SQL Instance Automated Backups are not configured 🟢1🟢 x6