10: Data Recovery Capabilities

CSF v1.1 References:

Threats Addressed:

Control Statement

The processes and tools used to properly back up critical information with a proven methodology for timely recovery of it.

[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]


10.2: Perform Complete System Backups

Ensure that all of the organization's key systems are backed up as a complete system, through processes such as imaging, to enable the quick recovery of an entire system.

10.4: Protect Backups

Ensure that backups are properly protected via physical security or encryption when they are stored, as well as when they are moved across the network. This includes remote backups and cloud services.