>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

CP-7(3)Alternate Processing Site | Priority of Service

IL4 Mod
IL4 High
IL5
IL6

>Control Description

Develop alternate processing site agreements that contain priority-of-service provisions in accordance with availability requirements (including recovery time objectives).

>DoD Impact Level Requirements

No specific parameter values or requirements for this impact level.

>Discussion

Priority of service agreements refer to negotiated agreements with service providers that ensure that organizations receive priority treatment consistent with their availability requirements and the availability of information resources for logical alternate processing and/or at the physical alternate processing site. Organizations establish recovery time objectives as part of contingency planning.

>Programmatic Queries

Beta

Related Services

AWS Savings Plans
AWS Reserved Instances
AWS Service Quotas

CLI Commands

Create On-Demand Capacity Reservation for alternate site
aws ec2 create-capacity-reservation --availability-zone us-west-2a --instance-type t3.large --instance-platform Linux/UNIX --quantity 10
List Reserved Instances for capacity planning
aws ec2 describe-reserved-instances --filters Name=state,Values=active
Request service quota increase for alternate region
aws service-quotas request-service-quota-increase --service-code ec2 --quota-code L-1216C47A --desired-value 50
Get current service quota usage
aws service-quotas get-service-quota --service-code ec2 --quota-code L-1216C47A
Open AWS ConsoleDocumentation

>Assessment Interview Topics

Questions assessors commonly ask

Process & Governance:

  • What formal policies and procedures govern the implementation of CP-7(3) (Priority Of Service)?
  • Who are the designated roles responsible for implementing, maintaining, and monitoring CP-7(3)?
  • How frequently is the CP-7(3) policy reviewed and updated, and what triggers policy changes?
  • What governance structure ensures CP-7(3) requirements are consistently applied across all systems?

Technical Implementation:

  • Describe the specific technical mechanisms or controls used to enforce CP-7(3) requirements.
  • What automated tools, systems, or technologies are deployed to implement CP-7(3)?
  • How is CP-7(3) integrated into your system architecture and overall security posture?
  • What configuration settings, parameters, or technical specifications enforce CP-7(3) requirements?

Evidence & Documentation:

  • What documentation demonstrates the complete implementation of CP-7(3)?
  • What audit logs, records, reports, or monitoring data validate CP-7(3) compliance?
  • Can you provide evidence of periodic reviews, assessments, or testing of CP-7(3) effectiveness?
  • What artifacts would you present during a FedRAMP assessment to demonstrate CP-7(3) compliance?

Ask AI

Configure your API key to use AI features.