BCD-11.10 ยท Backup Modification and/or Destruction

Control Description

Mechanisms exist to restrict access to modify and/or delete backups to privileged users with assigned data backup and recovery operations roles.

Control Question
Assessment question for control validation

Does the organization restrict access to modify and/or delete backups to privileged users with assigned data backup and recovery operations roles?

Control Weighting
9
Validation Cadence
Annual
NIST CSF Function
Protect
Supply Chain Risk Management (SCRM) Tiers
Applicable SCRM tier levels for this control
Tier 2 - Operational
Tier 3 - Tactical
Core Control Designations
Special designations and baseline inclusions
MAD: BCD-11.10