CoreOS 4.x - Contingency Planning

Control responses for NIST 800-53 rev4.

NOTE: All CoreOS content is under active development through the ComplianceAsCode Project. Do not consider this content production ready!


Requirements Traceability Matrix

Control Name Status
CP-1 Contingency Planning Policy And Procedures

not applicable

CP-2 Contingency Plan

not applicable

CP-2 (1) Coordinate With Related Plans

not applicable

CP-2 (2) Capacity Planning

planned

CP-2 (3) Resume Essential Missions / Business Functions

not applicable

CP-2 (4) Resume All Missions / Business Functions

not applicable

CP-2 (5) Continue Essential Missions / Business Functions

not applicable

CP-2 (6) Alternate Processing / Storage Site

planned

CP-2 (7) Coordinate With External Service Providers

not applicable

CP-2 (8) Identify Critical Assets

planned

CP-3 Contingency Training

not applicable

CP-3 (1) Simulated Events

not applicable

CP-3 (2) Automated Training Environments

not applicable

CP-4 Contingency Plan Testing

not applicable

CP-4 (1) Coordinate With Related Plans

not applicable

CP-4 (2) Alternate Processing Site

not applicable

CP-4 (3) Automated Testing

planned

CP-4 (4) Full Recovery / Reconstitution

planned

CP-5 Contingency Plan Update

not applicable

CP-6 Alternate Storage Site

not applicable

CP-6 (1) Separation From Primary Site

not applicable

CP-6 (2) Recovery Time / Point Objectives

planned

CP-6 (3) Accessibility

not applicable

CP-7 Alternate Processing Site

planned

CP-7 (1) Separation From Primary Site

not applicable

CP-7 (2) Accessibility

not applicable

CP-7 (3) Priority Of Service

not applicable

CP-7 (4) Preparation For Use

planned

CP-7 (5) Equivalent Information Security Safeguards

not applicable

CP-7 (6) Inability To Return To Primary Site

not applicable

CP-8 Telecommunications Services

not applicable

CP-8 (1) Priority Of Service Provisions

not applicable

CP-8 (2) Single Points Of Failure

not applicable

CP-8 (3) Separation Of Primary / Alternate Providers

not applicable

CP-8 (4) Provider Contingency Plan

not applicable

CP-8 (5) Alternate Telecommunication Service Testing

not applicable

CP-9 Information System Backup

planned

CP-9 (1) Testing For Reliability / Integrity

planned

CP-9 (2) Test Restoration Using Sampling

planned

CP-9 (3) Separate Storage For Critical Information

not applicable

CP-9 (4) Protection From Unauthorized Modification

not applicable

CP-9 (5) Transfer To Alternate Storage Site

planned

CP-9 (6)