Home » Pillars » RC.CC: Recovery Controls & Capabilities » RC.CC-1 Identify Recovery Controls

Description

Organisations must identify and articulate their existing recovery controls. This should not be limited to technical recovery controls, but both technical and non-technical recovery controls, for example, backups, storage (for instance, storage area network, network attached storage, S3 bucket , offsite backups etc), availability zones, recovery processes, authentication systems, management local area networks (LAN), high availability, redundancy and resilience, digital forensic lab, alternate routes, continent paths etc. This subcategory when completed properly will inform an approach and understanding for RC.CC-4 and RC.CI-2 subcategories.