NIST 800-53 CP-2 Mappings

Contingency planning for systems is part of an overall program for achieving continuity of operations for organizational mission and business functions. Contingency planning addresses system restoration and implementation of alternative mission or business processes when systems are compromised or breached. Contingency planning is considered throughout the system development life cycle and is a fundamental part of the system design. Systems can be designed for redundancy, to provide backup capabilities, and for resilience. Contingency plans reflect the degree of restoration required for organizational systems since not all systems need to fully recover to achieve the level of continuity of operations desired. System recovery objectives reflect applicable laws, executive orders, directives, regulations, policies, standards, guidelines, organizational risk tolerance, and system impact level.

Actions addressed in contingency plans include orderly system degradation, system shutdown, fallback to a manual mode, alternate information flows, and operating in modes reserved for when systems are under attack. By coordinating contingency planning with incident handling activities, organizations ensure that the necessary planning activities are in place and activated in the event of an incident. Organizations consider whether continuity of operations during an incident conflicts with the capability to automatically disable the system, as specified in IR-04(05). Incident response planning is part of contingency planning for organizations and is addressed in the IR (Incident Response) family.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
CP-2 Contingency Plan Protects T1485 Data Destruction
CP-2 Contingency Plan Protects T1486 Data Encrypted for Impact
CP-2 Contingency Plan Protects T1490 Inhibit System Recovery
CP-2 Contingency Plan Protects T1491 Defacement
CP-2 Contingency Plan Protects T1491.001 Internal Defacement
CP-2 Contingency Plan Protects T1491.002 External Defacement
CP-2 Contingency Plan Protects T1561 Disk Wipe
CP-2 Contingency Plan Protects T1561.001 Disk Content Wipe
CP-2 Contingency Plan Protects T1561.002 Disk Structure Wipe