SC-24: Fail In Known State
Control Family:
CSF v1.1 References:
Threats Addressed:
Baselines:
- Low
N/A
- Moderate
N/A
- High
- SC-24
Next Version:
- NIST Special Publication 800-53 Revision 5:
- SC-24: Fail in Known State
Control Statement
The information system fails to a [Assignment: organization-defined known-state] for [Assignment: organization-defined types of failures] preserving [Assignment: organization-defined system state information] in failure.
Supplemental Guidance
Failure in a known state addresses security concerns in accordance with the mission/business needs of organizations. Failure in a known secure state helps to prevent the loss of confidentiality, integrity, or availability of information in the event of failures of organizational information systems or system components. Failure in a known safe state helps to prevent systems from failing to a state that may cause injury to individuals or destruction to property. Preserving information system state information facilitates system restart and return to the operational mode of organizations with less disruption of mission/business processes.