Description
The organization identifies an alternate storage site and initiates necessary agreements to permit the storage of information system backup information.\n
Supplemental Guidance
The frequency of information system backups and the transfer rate of backup information to the alternate storage site (if so designated) are consistent with the organization’s recovery time objectives and recovery point objectives.\n
Enhancements
\n
Compliance Mappings
ISO 27002:2022
8.14
SOC 2 TSC
A1.2A1.2-POF9
ISO 17799 (legacy)
10.5.1
COBIT 4.1 (legacy)
DS4.1DS4.9