You are viewing this page in an unauthorized frame window.

This is a potential security issue, you are being redirected to https://csrc.nist.gov.

You have JavaScript disabled. This site requires JavaScript to be enabled for complete site functionality.

An official website of the United States government

Here’s how you know

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Institute of Standards and Technology

CSRC MENU

Projects
Publications Expand or Collapse

Drafts for Public Comment

All Public Drafts

Final Pubs

FIPS (standards)

Special Publications (SPs)

IR (interagency/internal reports)

CSWP (cybersecurity white papers)

ITL Bulletins

Project Descriptions

Journal Articles

Conference Papers

Books
Topics Expand or Collapse

Security & Privacy

Applications

Technologies

Sectors

Laws & Regulations

Activities & Products
News & Updates
Events
Glossary
About CSRC Expand or Collapse
Computer Security Division
Applied Cybersecurity Division
Contact Us

Information Technology Laboratory

Computer Security Resource Center

CSRC Logo

Topics Security and Privacy security programs & operations

contingency planning

Share to Facebook Share to X Share to LinkedIn Share ia Email

Information system contingency planning refers to a coordinated strategy involving plans, procedures, and technical measures that enable the recovery of information systems, operations, and data after a disruption. Contingency planning generally includes one or more of the following approaches to restore disrupted services:

Restoring information systems using alternate equipment;
Performing some or all of the affected business processes using alternate processing (manual) means (typically acceptable for only short-term disruptions);
Recovering information systems operations at an alternate location (typically acceptable for only long–term disruptions or those physically impacting the facility); and
Implementing of appropriate contingency planning controls based on the information system’s security impact level. (SP 800-34 Rev. 1)

Related Publications

Data Integrity: Detecting and Responding to Ransomware
SP 1800-26
December 2020
Final

Identifying and Protecting Assets Against Ransomware
SP 1800-25
December 2020
Final

Security and Privacy Controls for Info Systems and Organizations
SP 800-53 Rev. 5 (Final Public Draft)
March 2020
Withdrawn

Identifying and Protecting Assets Against Ransomware
SP 1800-25 (Initial Public Draft)
January 2020
Withdrawn

Detecting and Responding to Ransomware
SP 1800-26 (Initial Public Draft)
January 2020
Withdrawn

View All Publications

Used For

ISCP

Topics

Security and Privacy
Technologies
Applications
Laws and Regulations
Activities and Products
Sectors

Created June 08, 2016, Updated June 22, 2020

National Institute of Standards and Technology logo

HEADQUARTERS
100 Bureau Drive
Gaithersburg, MD 20899

X (link is external)
facebook (link is external)
linkedin (link is external)
instagram (link is external)
youtube (link is external)
rss
govdelivery (link is external)

Want updates about CSRC and our publications? Subscribe

National Institute of Standards and Technology logo

Send inquiries to [email protected]

Site Privacy
Accessibility
Privacy Program
Copyrights
Vulnerability Disclosure
No Fear Act Policy
FOIA
Environmental Policy
Scientific Integrity
Information Quality Standards
Commerce.gov
Science.gov
USA.gov
Vote.gov