Web Content Viewer

2100-16 Contingency Planning

The purpose of this policy is to provide contingency planning (CP) requirements to minimize the disruption to critical business functions in the event of an information technology (IT) system disruption, compromise, or failure, while maintaining the security safeguards originally planned and implemented for systems.

To ensure this occurs, this policy establishes requirements that address contingency planning controls that align with the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, “Security and Privacy Controls for Federal Information Systems and Organizations,” (CP family of controls).