164.308(a)(7)(ii)(D) - Testing and Revision Procedures (Addressable)

Implement procedures for periodic testing and revision of contingency plans.

Illustrative Controls and TIBCO LogLogic Solution

Test the IT continuity plan on a regular basis to ensure that IT systems can be effectively recovered, shortcomings are addressed and the plan remains relevant. This requires careful preparation, documentation, reporting test results and, according to the results, implementing an action plan. Consider the extent of testing recovery of single applications to integrated testing scenarios to end-to-end testing and integrated vendor testing.

Organizations must have procedures in place to back up data and programs based on IT and user requirements. To satisfy this control objective, administrators must back up data on a regular basis. In addition, administrators must review backup logs periodically to ensure backups are performed successfully. Backup logs must be reviewed periodically to ensure backup and restore are performed successfully on a regular basis. Organizations must review backup logs periodically to ensure backup and restore are performed successfully on a regular basis.

Reports and Alerts

Use the following link or reference to see the 164.308(a)(7)(ii)(D) reports and alerts: 164.308(a)(7)(ii)(D) - Testing and Revision Procedures (Addressable).