Control: The organisation:
Information System Backup Supplemental Guidance:
System-level information includes, for example, system-state information, operating system and application software, and licenses. User-level information includes any information other than system-level information. Mechanisms employed by organisations to protect the integrity of information system backups include, for example, digital signatures and cryptographic hashes. Protection of system backup information while in transit is beyond the scope of this control. Information system backups reflect the requirements in contingency plans as well as other organisational requirements for backing up information.
Information System Backup Control Enhancements:
CP-9 (1) Information System Backup - Testing for Reliability / Integrity
The organisation tests backup information [Assignment: organisation-defined frequency] to verify media reliability and information integrity.
Supplemental Guidance: Related control: CP-4.
CP-9 (2) Information System Backup - Test Restoration using Sampling
The organisation uses a sample of backup information in the restoration of selected information
system functions as part of contingency plan testing.
Supplemental Guidance: Related control: CP-4.
CP-9 (3) Information System Backup - Separate storage for critical information
The organisation stores backup copies of [Assignment: organisation-defined critical information system software and other security-related information] in a separate facility or in a fire-rated container that is not collocated with the operational system.
Supplemental Guidance: Critical information system software includes, for example, operating systems, cryptographic key management systems, and intrusion detection/prevention systems. Security-related information includes, for example, organisational inventories of hardware, software, and firmware components. Alternate storage sites typically serve as separate storage facilities for organisations.
CP-9 (4) Information System Backup - Protection from unauthorised modification
[Withdrawn: Incorporated into CP-9].
CP-9 (5) Information System Backup - Transfer to alternate storage site
The organisation transfers information system backup information to the alternate storage site [Assignment: organisation-defined time period and transfer rate consistent with the recovery time and recovery point objectives].
Supplemental Guidance: Information system backup information can be transferred to alternate storage sites either electronically or by physical shipment of storage media.
CP-9 (7) Information System Backup - Dual Authorisation
The organisation enforces dual authorisation for the deletion or destruction of [Assignment: organisation-defined backup information].
Supplemental Guidance: Dual authorisation ensures that the deletion or destruction of backup information cannot occur unless two qualified individuals carry out the task. Individuals deleting/destroying backup information possess sufficient skills/expertise to determine if the proposed deletion/destruction of backup information reflects organisational policies and procedures. Dual authorisation may also be known as two-person control.