RC.RP-02: Recovery actions are selected, scoped, prioritized, and performed

Info icon.

Subcategory is new to this version of the framework and incorporates the following item from the previous version: RC.RP-1: Recovery plan is executed during or after a cybersecurity incident.


[csf.tools Note: Subcategories do not have detailed descriptions. However NIST has provided the following implementation examples.]

Implementation Examples

1st: 1st Party Risk

Ex1: Select recovery actions based on the criteria defined in the incident response plan and available resources

Ex2: Change planned recovery actions based on a reassessment of organizational needs and resources