Disaster Recovery of Information Systems That Support Mission Essential Functions Needs Improvement

Ensure disaster recovery testing is performed annually on systems supporting MEFs.

The CIO should ensure that the Cybersecurity function and system owners jointly reassess the impact value of availability for all systems supporting the MEFs based on all factors as stated in Federal Information Processing Standards Publication 199 and the Security Categorization Worksheet.