NIST 800-53 REV 5 • SYSTEM AND INFORMATION INTEGRITY
SI-17 — Fail-safe Procedures
Implement the indicated fail-safe procedures when the indicated failures occur: {{ insert: param, si-17_prm_1 }}.
Supplemental Guidance
Failure conditions include the loss of communications among critical system components or between system components and operational facilities. Fail-safe procedures include alerting operator personnel and providing specific instructions on subsequent steps to take. Subsequent steps may include doing nothing, reestablishing system settings, shutting down processes, restarting the system, or contacting designated organizational personnel.
Practitioner Notes
Define fail-safe procedures — specific steps your team follows when a system fails or a security control stops working — to ensure security is maintained during and after the failure.
Example 1: Document fail-safe procedures for your firewall. If the firewall fails, the procedure includes: activate the standby firewall, verify rules are consistent, notify the security team, block direct internet access until the primary is restored, and log the entire incident.
Example 2: Create runbooks for common failure scenarios — SIEM down, AV console unreachable, domain controller failure. Each runbook specifies what compensating controls to activate, who to notify, and what monitoring to increase until the primary system is restored.
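The firewall runbook from Example 1, as an added Python example (not NIST text and not from any product): a heartbeat timeout stands in for the "loss of communications" failure condition, and the runner executes the documented steps in order, records each one, and, when the standby rule set does not match the primary, fails closed and hands the operator a specific next instruction. The timeout value, rule strings and step names are assumptions.

```python
import hashlib
from dataclasses import dataclass, field

HEARTBEAT_TIMEOUT_S = 30.0  # assumed threshold for "loss of communications"


def rule_digest(rules):
    """Order-insensitive fingerprint of a rule set, used to compare primary and standby."""
    normalized = "\n".join(sorted(r.strip().lower() for r in rules))
    return hashlib.sha256(normalized.encode()).hexdigest()


@dataclass
class FirewallFailSafe:
    primary_rules: list
    standby_rules: list
    audit_log: list = field(default_factory=list)

    def heartbeat_lost(self, last_seen, now):
        """Failure condition: the primary has not been heard from within the timeout."""
        return (now - last_seen) > HEARTBEAT_TIMEOUT_S

    def run(self, last_seen, now):
        """Execute the documented fail-safe steps in order; returns the actions taken.

        Every step is also appended to audit_log so the whole incident is recorded.
        """
        if not self.heartbeat_lost(last_seen, now):
            return []
        actions = []

        def step(name):
            actions.append(name)
            self.audit_log.append(f"t={now:.0f} {name}")

        step("activate_standby_firewall")
        if rule_digest(self.primary_rules) == rule_digest(self.standby_rules):
            step("verify_rules_consistent:ok")
        else:
            # Standby does not carry the documented rule set: fail closed and give the
            # operator a specific next instruction instead of silently continuing.
            step("verify_rules_consistent:MISMATCH")
            step("instruct_operator:reconcile_standby_rules_before_reopening")
        step("notify_security_team")
        step("block_direct_internet_access_until_primary_restored")
        step("incident_logged")
        return actions


if __name__ == "__main__":
    # Constructed sample rule sets; the standby is missing one rule.
    primary = ["allow tcp 10.0.0.0/8 -> 10.1.2.3:443", "deny any -> any"]
    standby = ["deny any -> any"]
    print(FirewallFailSafe(primary, standby).run(last_seen=0.0, now=45.0))
```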