Implement the Controls
A Contingency Plan for each system is required by law and includes the following key sections:
– System criticality;
– Responsibilities;
– Business impact analysis;
– Preventive controls;
– Damage assessment;
– Recovery and reconstitution; and
– Backup requirements.