Develop and implement the appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity event.
Sources:
NIST SP 800-37 Rev. 2
under recover (CSF function)
from
NIST Cybersecurity Framework Version 1.1