FedRAMP Controls / CP
CP-10 System Recovery and Reconstitution
Family CP
Baselines moderate
Mapped KSIs 4
Control statement
Provide for the recovery and reconstitution of the system to a known state within {{ insert: param, cp-10_prm_1 }} after a disruption, compromise, or failure. Parameter placeholders {{ insert: param, … }} reference FedRAMP-set values in the resolved profile. Full parameter map is
preserved in the catalog database.
Covered by these Key Security Indicators
| KSI | Title | Category |
|---|---|---|
| KSI-RPL-01 | Recovery Objectives _Persistently_ review desired Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO). | Recovery Planning |
| KSI-RPL-02 | Recovery Plan _Persistently_ review the alignment of recovery plans with defined recovery objectives. | Recovery Planning |
| KSI-RPL-03 | System Backups _Persistently_ review the alignment of machine-based information resource backups with defined recovery objectives. | Recovery Planning |
| KSI-RPL-04 | Recovery Testing _Persistently_ test the capability to recover from incidents and contingencies, including alignment with defined recovery objectives. | Recovery Planning |