CP-7: Alternate Processing Site
From NIST's SP800-53:
a. Establish an alternate processing site, including necessary agreements to permit the transfer and resumption of [Assignment: organization-defined system operations] for essential mission and business functions within [Assignment: organization-defined time period consistent with recovery time and recovery point objectives] when the primary processing capabilities are unavailable; b. Make available at the alternate processing site, the equipment and supplies required to transfer and resume operations or put contracts in place to support delivery to the site within the organization-defined time period for transfer and resumption; and c. Provide controls at the alternate processing site that are equivalent to those at the primary site.
Cyber Threat Graph Context
Explore how this control relates to the wider threat graph
SP800-53 Control Mapped to NIST Cyber Security Framework
Generated from NISTs SP800-53/CSF Crosswalk mappings.
| Control ID | Description |
|---|---|
| PR.PT-5 | Mechanisms (e.g., failsafe, load balancing, hot swap) are implemented to achieve resilience requirements in normal and adverse situations |
| PR.IP-9 | Response plans (Incident Response and Business Continuity) and recovery plans (Incident Recovery and Disaster Recovery) are in place and managed |
MITRE ATT&CK Techniques
See which MITRE ATT&CK techniques this control helps to protect against.
| ATT&CK ID | Title | Associated Tactics |
|---|---|---|
| T1486 | Data Encrypted for Impact | Impact |
| T1491 | Defacement | Impact |
| T1561 | Disk Wipe | Impact |
| T1491.002 | External Defacement | Impact |
| T1490 | Inhibit System Recovery | Impact |
| T1565 | Data Manipulation | Impact |
| T1070 | Indicator Removal | Defense Evasion |
| T1070.008 | Clear Mailbox Data | Defense Evasion |
| T1070.001 | Clear Windows Event Logs | Defense Evasion |
| T1565.001 | Stored Data Manipulation | Impact |
| T1485 | Data Destruction | Impact |
| T1561.002 | Disk Structure Wipe | Impact |
| T1119 | Automated Collection | Collection |
| T1561.001 | Disk Content Wipe | Impact |
| T1491.001 | Internal Defacement | Impact |
| T1070.002 | Clear Linux or Mac System Logs | Defense Evasion |