Contingency Planning¶
Resume Mission and Business Functions¶
CP-02(03)
NIST SP 800-53 Revision 5.2.0
- Official NIST control ID:
CP-02(03) - Catalog version: 5.2.0
- OSCAL version: 1.2.2
- Catalog last modified: May 11, 2026
Plan for the resumption of [Selection: one of: all; essential] mission and business functions within [Assignment: organization-defined time period] of contingency plan activation.
FedRAMP Parameters
| Parameter ID | NIST assignment | FedRAMP value |
|---|---|---|
cp-02.03_odp.02 |
time period | time period defined in service provider and organization Service Level Agreements |
Separation from Primary Site¶
CP-07(01)
NIST SP 800-53 Revision 5.2.0
- Official NIST control ID:
CP-07(01) - Catalog version: 5.2.0
- OSCAL version: 1.2.2
- Catalog last modified: May 11, 2026
Identify an alternate processing site that is sufficiently separated from the primary processing site to reduce susceptibility to the same threats.
FedRAMP Guidance
The service provider may determine what is considered a sufficient degree of separation between the primary and alternate processing sites, based on the types of threats that are of concern. For one particular type of threat (i.e., hostile cyber attack), the degree of separation between sites will be less relevant.
Restore Within Time Period¶
CP-10(04)
NIST SP 800-53 Revision 5.2.0
- Official NIST control ID:
CP-10(04) - Catalog version: 5.2.0
- OSCAL version: 1.2.2
- Catalog last modified: May 11, 2026
Provide the capability to restore system components within [Assignment: organization-defined restoration time periods] from configuration-controlled and integrity-protected information representing a known, operational state for the components.
FedRAMP Parameters
| Parameter ID | NIST assignment | FedRAMP value |
|---|---|---|
cp-10.04_odp |
restoration time periods | time period consistent with the restoration time-periods defined in the service provider and organization Service Level Agreements |