ISCP Review of Reconstitution

[gary-fallon]

Description

The Reconstitution in Section 5 needs to be reviewed and updated.

Reconstitution is the process by which recovery activities are completed and normal system operations are resumed to a previously known state. If the original facility is unrecoverable, the activities in this phase can also be applied to preparing a new permanent location to support system processing requirements. A determination must be made on whether the system has undergone significant change and will require reassessment and reauthorization. This phase consists of two major activities: validating successful reconstitution and deactivation of the plan.

Tasks

The following tasks must be reviewed and completed as necessary.

• [ ] In Section 5.1, is concurrent processing applicable?
• [ ] In Section 5.2, it does not appear that all the necessary activities have been included.
• [ ] In Section 5.3, it does not appear that all the necessary activities have been included.
• [ ] In Section 5.4, it does not appear that all the necessary activities have been included.
• [ ] In Section 5.6, it does not appear that all the necessary activities have been included.
• [ ] In Section 5.7, it does not appear that all the necessary activities have been included.
• [ ] In Section 5.8, it does not appear that all the necessary activities have been included.
• [ ] In Section 5.9, it does not appear that all the necessary activities have been included.
• [ ] In Section 5.10, it does not appear that all the necessary activities have been included.

Acceptance

The following tasks must be completed before this issue can be considered done.

• [ ] Review for accuracy and completeness.

[alyssagallion]

Looping in @jhouse-solvd @ph-One @ericboehs @npeterson54

[npeterson54]

@alyssagallion Is there a due date for this?

[gary-fallon]

This item might require additional user stories once the tasks have been reviewed.

[gary-fallon]

I will be drafting the BIA and ISCP based on a new definition of the FISMA authorization boundary that includes all VFS applications.

[alyssagallion]

During our Gap Analysis, we realized that the System Security Plan (SSP) was incorrect. We have since updated it, presented it to the ISSO and Ray Wang is now reviewing the associated tickets he needs to approve. Once those are reviewed and approved, @ScottCutlip will continue the work on SSP.

SSP is blocking BIA work and BIA work must be completed prior to ISCP work being done. Blocked.

[jhouse-solvd]

Please see the parent epic for a recent update.

Moving to review.

[jhouse-solvd]

The ISCP has been updated w/ the most recent info.

Please see the parent epic (#53216) for future updates and follow-up issues.

Closing.