Informative References

Informative references are a cross-reference to a control set that can be used to implement a security outcome described by the framework element.

    RC.RP: Incident Recovery Plan ExecutionRC.RP-03: The integrity of backups and other restoration assets is verified before using them for restoration
    RC.RP-04: Critical mission functions and cybersecurity risk management are considered to establish post-incident operational norms
    RC.RP-05: The integrity of restored assets is verified, systems and services are restored, and normal operating status is confirmed
    RC.RP-06: The end of incident recovery is declared based on criteria, and incident-related documentation is completed
    RC.CO: Incident Recovery CommunicationRC.CO-03: Recovery activities and progress in restoring operational capabilities are communicated to designated internal and external stakeholders
    RC.CO-04: Public updates on incident recovery are shared using approved methods and messaging