RC.RP-04: Critical mission functions and cybersecurity risk management are considered to establish post-incident operational norms

Info icon.

Subcategory is new to this version of the framework.

Description

[csf.tools Note: Subcategories do not have detailed descriptions. However NIST has provided the following implementation examples.]

Implementation Examples

1st: 1st Party Risk

Ex1: Use business impact and system categorization records (including service delivery objectives) to validate that essential services are restored in the appropriate order

Ex2: Work with system owners to confirm the successful restoration of systems and the return to normal operations

Ex3: Monitor the performance of restored systems to verify the adequacy of the restoration