Documentation - V-245773

V-245773

Traditional Security Checklist

CAT III

Title

Information Assurance - COOP Plan or Testing (Incomplete)

Description

<VulnDiscussion>Failure to develop a COOP and test it periodically can result in the partial or total loss of operations and INFOSEC. A contingency plan is necessary to reduce mission impact in the event of system compromise or disaster. REFERENCES: CJCSI 6510.01F, INFORMATION ASSURANCE (IA) AND SUPPORT TO COMPUTER NETWORK DEFENSE (CND), Enclosure C, Paragraphs 15 & 32 NIST Special Publication 800-53 (SP 800-53), Rev 4, Controls: CP-2, CP-2(1) through CP-2(8), CP-4, CP-4(1) through CP-4(4), ...

Fix Text (Documentation Requirement)

ALL systems connected to the DODIN must be included in the enclave COOP documentation and testing. If it is determined that some (a portion of the systems on site) of the site/organization systems connected to the DODIN do not need to be included in the COOP (plan and/or testing) then the risk for this must specifically be accepted by the AO in a holistic risk assessment document.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel