From Traditional Security
Part of Information Assurance - COOP Plan Testing (Incomplete)
Associated with IA controls: COMS-1, CODP-1, COTR-1, COAS-2, COPS-2, DCAR-1, DCHW-1, COEF-2, COEF-1, COSW-1, CODP-3, CODB-3, COBR-1, COAS-1, COMS-2, COPS-1, CODP-2, COED-2, CODB-2, COSP-2, COSP-1, COEB-2, COEB-1, COED-1, COPS-3, CODB-1
Failure to develop a COOP and test it periodically can result in the partial or total loss of operations
This check is for when a reviewer finds that a COOP process is well established, but it does not include a minority of systems or requirements based on system MAC levels. NOTES: 1. This finding/VUL is only applicable when MAC III level systems are connected to the DISN and do not have a COOP and/or the COOP is not tested and the risk for not having a COOP and/or documented testing is not accepted by the DAA in a risk assessment document. It is NA for MAC I and MAC II systems without a COOP. 2. If this finding/VUL is used then VUL V0030997 is NA. 3. This VUL is applicable in a tactical environment if it involves a fixed facility as previously described.
ALL systems connected to the DISN must be included in the enclave COOP documentation and testing. If it is determined that MAC Level III systems connected to the DISN do not need to be included in the COOP (plan and/or testing) then the risk for this must specifically be accepted by the DAA in a risk assessment document.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer