NIST 800-53 REV 5 • CONTINGENCY PLANNING

CP-9(6)Redundant Secondary System

Conduct system backup by maintaining a redundant secondary system that is not collocated with the primary system and that can be activated without loss of information or disruption to operations.

CMMC Practice Mapping

No direct CMMC mapping

NIST 800-171 Mapping

No direct NIST 800-171 mapping

Related Controls

Supplemental Guidance

The effect of system backup can be achieved by maintaining a redundant secondary system that mirrors the primary system, including the replication of information. If this type of redundancy is in place and there is sufficient geographic separation between the two systems, the secondary system can also serve as the alternate processing site.

Practitioner Notes

This enhancement provides redundancy through a secondary system that can take over if the primary fails — going beyond traditional backup and restore to real-time redundancy.

Example 1: Deploy a SQL Server Always On Availability Group with a synchronous secondary replica that can take over the database workload within seconds of a primary failure.

Example 2: Use Azure Traffic Manager or AWS Route 53 health checks to automatically redirect traffic to a secondary application instance if the primary becomes unavailable.

More Contingency Planning Controls

CP-1 Policy and Procedures CP-2 Contingency Plan CP-2(1) Coordinate with Related Plans CP-2(2) Capacity Planning