Contingency Planning for Information Systems: Updated Guide for Federal Organizations

Radack, Shirley

ITL Bulletin

Contingency Planning for Information Systems: Updated Guide for Federal Organizations

Documentation

Date Published: July 2010

Author(s)

Shirley Radack (NIST)

Abstract

This bulletin summarizes the information presented in NIST Special Publication (SP) 800-34, Rev. 1, Contingency Planning Guide for Federal Information Systems. This publication updates federal contingency planning practices by integrating risk management and system development life cycle considerations into the contingency planning process. NIST SP 800-34, Rev.1, provides instructions, recommendations, and considerations to assist federal organizations in developing and maintaining effective contingency plans. The guide covers contingency planning principles for three types of system platforms: client/server systems, telecommunications systems, and mainframe systems. Strategies and techniques common to these systems, and a defined process for identifying planning requirements, are discussed. The bulletin summarizes information in the guide and discusses the role of contingency planning as an integral component of the federal government s risk management policies and its practices for incorporating security into all phases of the system development life cycle (SDLC).

Keywords

contingency planning; data availability; data confidentiality; data integrity; information security; information systems security; risk management; security categorization; security controls; security plans; system development life cycle

Control Families

None selected

Documentation

Publication:
Download (pdf)

Supplemental Material:
None available

Document History:
07/20/10: ITL Bulletin (Final)