CP-1 Contingency Planning Policy and Procedures
Description
University units shall maintain a written Continuity of Operations Plan that addresses information resources so that the effects of a disaster will be minimized, and the unit will be able either to maintain or quickly resume critical functions.
Applicability
- This control applies to the university Chief Information Security Officer (CISO).
Implementation
- 1 - The university CISO, in coordination with Information Resource owners, shall develop, document, and disseminate to units a set of controls that addresses the Contingency Planning of information resources. These controls should include purpose, scope, roles, responsibilities, management commitment, coordination among university entities, and compliance.
- 2 - The CISO shall review and update the Contingency Planning controls as necessary.