NIST 800-53 REV 5 • CONTINGENCY PLANNING

CP-7(5)Equivalent Information Security Safeguards

CMMC Practice Mapping

No direct CMMC mapping

NIST 800-171 Mapping

No direct NIST 800-171 mapping

Related Controls

No related controls listed

Practitioner Notes

This enhancement was incorporated into CP-7. It required your alternate processing site to have equivalent security controls as your primary site.

Example 1: Apply the same STIG baselines and security group policies to systems at your alternate site as you do at your primary site, and include them in your regular SCAP scans.

Example 2: Ensure your backup Azure subscription has the same security configurations — network security groups, Defender for Cloud settings, and access controls — as production.

More Contingency Planning Controls

CP-1 Policy and Procedures CP-2 Contingency Plan CP-2(1) Coordinate with Related Plans CP-2(2) Capacity Planning