Incident recovery plan execution (RC.RP)
In this control family, we will discuss what to do when recovering from an incident. This includes enacting your recovery plan to bring systems back up to a known running state. This will require that you follow your recovery plan, restore your backups, and establish existing or new baselines for your IT resources.
RC.RP-01
Now that we have implemented our ICA and PCAs, it is time to start the actual recovery process of our incident response plan. This will entail utilizing our recovery plans to get systems back up and running again with newly established baselines. We may need to also include internal and external stakeholders to do this.
As part of your incident response plans, there should be a way to instruct your IT team to begin work on recreating your environment. There should be step-by-step instructions on how...
