Description
The organization reviews the contingency plan for the information system [Assignment: organization-defined frequency, at least annually] and revises the plan to address system/organizational changes or problems encountered during plan implementation, execution, or testing.\n
Supplemental Guidance
Organizational changes include changes in mission, functions, or business processes supported by the information system. The organization communicates changes to appropriate organizational elements responsible for related plans (e.g., Business Continuity Plan, Disaster Recovery Plan, Continuity of Operations Plan, Business Recovery Plan, Incident Response Plan, Emergency Action Plan).\n
Enhancements
(0) None.\n
Compliance Mappings
ISO 17799 (legacy)
14.1.314.1.5
COBIT 4.1 (legacy)
DS4.4