CP-9(1): Testing for Reliability and Integrity
Control Family:
Parent Control:
CSF v1.1 References:
Threats Addressed:
Baselines:
- Moderate
- High
Previous Version:
- NIST Special Publication 800-53 Revision 4:
- CP-9(1): Testing For Reliability / Integrity
Control Statement
Test backup information [Assignment: organization-defined frequency] to verify media reliability and information integrity.
Supplemental Guidance
Organizations need assurance that backup information can be reliably retrieved. Reliability pertains to the systems and system components where the backup information is stored, the operations used to retrieve the information, and the integrity of the information being retrieved. Independent and specialized tests can be used for each of the aspects of reliability. For example, decrypting and transporting (or transmitting) a random sample of backup files from the alternate storage or backup site and comparing the information to the same information at the primary processing site can provide such assurance.