Requirement:
The cybersecurity requirements for business continuity management must be implemented.
Control Implementation Guidelines:
- Implement cybersecurity requirements within business continuity management that have been identified, documented, and approved in the policy
- Develop an action plan to implement all cybersecurity requirements to ensure BCM in the organization
- Include cybersecurity requirements for BCM in the organization's BCM procedures to ensure compliance with cybersecurity requirements for all internal and external stakeholders
Expected Deliverables:
- Documents that confirm the implementation of cybersecurity requirements related to BCM as documented in the policy
- An action plan to implement cybersecurity requirements for BCM in the organization
- Evidence showing the implementation of BCM controls at the organization, including but not limited to:
- Documented and approved business continuity plans for the organization
- Approved plans to respond to cybersecurity incidents that may affect the business continuity of the organization
- Reports on the implementation of disaster recovery plans tests at the organization
Quick & Simple
Discover Our Cybersecurity Compliance Solutions:
Whether you need to meet and maintain your compliance requirements, help your clients meet them, or verify supplier compliance we have the expertise and solution for you
CMMC Level 1 Compliance
Become compliant, provide compliance services, or verify partner compliance with CMMC Level 1 Basic Safeguarding of Covered Contractor Information Systems requirements.
NIST SP 800-171 & CMMC Level 2 Compliance
Become compliant, provide compliance services, or verify partner compliance with NIST SP 800-171 and CMMC Level 2 requirements.
HIPAA Compliance
Become compliant, provide compliance services, or verify partner compliance with HIPAA security rule requirements.
ISO 27001 Compliance
Become compliant, provide compliance services, or verify partner compliance with ISO 27001 requirements.
FAR 52.204-21 Compliance
Become compliant, provide compliance services, or verify partner compliance with FAR 52.204-21 Basic Safeguarding of Covered Contractor Information Systems requirements.