>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

CP-9(7)Information System Backup

PBMM (P2)
Secret (P2)
Operational

>Control Description

INFORMATION SYSTEM BACKUP | DUAL AUTHORIZATION The organization enforces dual authorization for the deletion or destruction of organization-defined backup information.

>Supplemental Guidance

Dual authorization ensures that the deletion or destruction of backup information cannot occur unless two qualified individuals carry out the task. Individuals deleting/destroying backup information possess sufficient skills/expertise to determine if the proposed deletion/destruction of backup information reflects organizational policies and procedures. Dual authorization may also be known as two-person control.

Related controls: AC-3, MP-2.

Ask AI

Configure your API key to use AI features.