500.16(a)(2)—500.16(a)(2)
>Control Description
Business continuity and disaster recovery (BCDR) plan. BCDR plans shall be reasonably designed to ensure the availability and functionality of the covered entity’s information systems and material services and protect the covered entity’s personnel, assets and nonpublic information in the event of a cybersecurity-related disruption to its normal business activities. Such plans shall, at minimum:
>Cross-Framework Mappings
Ask AI
Configure your API key to use AI features.