RC.RP-05.355

Does your organization validate the integrity and completeness of restored systems before returning them to production?

Explanation

This question assesses whether your organization has a verification process to ensure restored systems are functioning correctly and securely before they're put back into production use. This includes checking that all critical components, data, configurations, and security controls have been properly restored and are operating as expected. Evidence could include documented restoration validation procedures, pre-production checklists, test results from restored systems, sign-off forms that must be completed before systems return to production, or restoration test logs showing verification steps performed and their outcomes.

Implementation Example

Verify the correctness and adequacy of the restoration actions taken before putting a restored system online

ID: RC.RP-05.355

Context

Function: RC: RECOVER
Category: RC.RP: Incident Recovery Plan Execution
Sub-Category: The integrity of restored assets is verified, systems and services are restored, and normal operating status is confirmed

ResponseHub is the product I wish I had when I was a CTO

Previously I was co-founder and CTO of Progression, a VC backed HR-tech startup used by some of the biggest names in tech.

As our sales grew, security questionnaires quickly became one of my biggest pain-points. They were confusing, hard to delegate and arrived like London busses - 3 at a time!

I'm building ResponseHub so that other teams don't have to go through this. Leave the security questionnaires to us so you can get back to closing deals, shipping product and building your team.

Neil Cameron

Founder, ResponseHub