X hits on this document

Powerpoint document

HHS Cybersecurity Program Training Information Security for Information Technology (IT) Administrato... - page 101 / 158

372 views

0 shares

0 downloads

0 comments

101 / 158

U.S. Department of Health and Human Services

A CP for each system is required by law and includes the following key sections:

System criticality

Responsibilities

Business impact analysis

Preventive controls

Damage assessment

Recovery and reconstitution

Backup requirements (NIST SP 800-34 Rev. 1)

IT Administrators may be involved in assisting with creating the CP to ensure that it accurately captures what is possible in terms of technical recovery. IT Administrators also may be required to document changes as soon as they are made.

Even when no changes have occurred, the document should still be reviewed and verified by the IT Administrator or ISSO at least annually.

Page 2 of 9

System Security Documentation

Contingency Plan (CP)

Document info
Document views372
Page views372
Page last viewedSun Dec 04 17:54:03 UTC 2016
Pages158
Paragraphs2058
Words16945

Comments