DELL’IMMIGRAZIONE
D. L 113/2018 (Salvini) DISPONE L’INCLUSIONE DEI MSNA CON PERMESSO
2. ACCOGLIENZA E PROTEZIONE “MEZZI” PER L’INTEGRAZIONE
2.1 L’ingresso e il divieto di respingimento
IT contingency planning is an integral part of the Department of Homeland Security (DHS) Continuity Planning for Critical DHS Assets Program. Consequently, this policy supplements Continuity of Operations (COOP) Planning policy.
IT contingency planning is designed to ensure the availability of critical IT support under all circumstances. Components are required to develop, test, and maintain IT Contingency Plans to ensure adequate IT is available to sustain DHS essential and supporting office functions in accordance with the requirements for the FIPS 199 potential impact level for the availability security objective. See Section 3.9.1, FIPS 199 Categorization and the NIST SP 800-53 Controls, for more information on DHS’s approach to system categorization.
In support of DHS strategic goals, IT contingency planning is designed to establish a DHS-wide capability to react to emergency events (response), restore essential business functions if a disruption occurs (recovery), and achieve a resumption of normal operations (reconstitution).
DHS Policy
a. Guidance, direction, and authority for IT contingency planning activities for all DHS Components are centralized in the DHS Office of the CIO.
b. To ensure critical IT system availability under all circumstances, a standard DHS-wide process for IT contingency planning shall be developed, documented, and maintained.
c. Components shall implement and enforce backup procedures for all sensitive IT systems, data, and information. Recommended intervals are daily for incremental data backups and weekly for full data backups. System and application software should be backed up whenever modifications to the
DHS Policy software make backups necessary.
d. The rigor of the IT system contingency planning, training, testing and capabilities shall be
dependent upon the FIPS 199 defined potential impact level. The availability security objective alone shall be applied to the NIST SP 800-53 contingency planning (CP) controls defined for the low, moderate, and high potential impact level systems.
e. Comprehensive IT Contingency Plans to continue and recover critical DHS major applications and general support systems shall be developed, tested, exercised, and maintained by all DHS Components in accordance with the requirements for the FIPS 199 potential impact level for the availability security objective. These plans shall be based on three essential phases: Activation/Notification, Recovery, and Reconstitution.
f. When testing is required, IT Contingency Plans shall be tested/exercised annually.
g. All personnel involved in IT contingency planning efforts shall be identified and trained in the procedures and logistics of IT contingency planning and implementation as required.
h. Personnel involved in IT contingency planning efforts shall receive IT Contingency Plan training or refresher training annually.
IT contingency planning responsibilities are provided below.
IT Contingency Planning Responsibilities DHS Continuity Planning Program Director
• Administers the Continuity Planning for Critical DHS Assets Program. Develops, maintains, and promulgates program requirements.
• Provides oversight and ensures program compliance across DHS Components.
• Provides IT contingency planning guidelines to Component ISSMs.
• Facilitates the development and testing of IT Contingency Plans.
• Approves DHS IT Contingency Plans and maintains status.
System/Network Administrators
• Participate in all phases of the contingency planning process.
Site Managers/System Owners
• Ensure that the system’s FIPS 199 potential impact for the availability security objective is correct and maintained to be consistent with system information processing changes.
• Ensure that adequate resources are budgeted for contingency planning, testing, and training consistent with the availability objective of the system.
• Ensure that adequate Contingency Plans are included in C&A documentation.
Component ISSMs
• Establish Component continuity planning programs consistent with Department policy.
• Provide IT contingency planning status and strategy to the DHS Continuity Planning Program
IT Contingency Planning Responsibilities Director.
Component ISSOs
• Comply with the Component continuity planning program.
• Ensure that the system’s FIPS 199 potential impact for the availability security objective is consistent with the information types processed, stored, and transmitted by the system.
• Ensure comprehensive IT Contingency Plans are developed, as required, for each major application and general support system under their purview.
• Perform contingency planning, testing/exercising, and training, as required. For systems with moderate and high potential impact for availability, testing/exercising and training shall occur at least annually and when significant changes are made to the IT application or system, supported essential and office function(s), or the IT Contingency Plan. Examples of significant changes to information systems include installation of a new or upgraded operating system, middleware component, or application; modifications to system ports, protocols, or services; installation of a new or upgraded hardware platform or firmware component; or modifications to cryptographic modules or services.
• Ensure operational security is maintained during any test or recovery activities.
IT contingency planning represents a broad scope of activities designed to sustain and recover critical IT services following an emergency and includes identification of procedures and capabilities for recovering major applications and general support systems.
IT Contingency Plans are IT oriented and therefore focus on sustaining an organization’s critical IT services provided by the major applications and general support systems that sustain essential and supporting office functions.
3.5.2.1 IT Contingency Planning Requirement
IT contingency planning is directed by (1) NIST SP 800-34, Contingency Planning Guide for Information Technology Systems, (2) Office of Management and Budget (OMB) Circular A-130, Management of Federal Information Resources, Appendix III, and (3) NIST SP 800-53,
Recommended Security Controls for Federal Information Systems.
Appendix III requires the development and maintenance of continuity of support plans for general support systems and IT Contingency Plans for major applications. NIST SP 800-34 considers continuity of support planning to be synonymous with IT contingency planning.
Because an IT Contingency Plan should be developed for each major application and general support system, multiple Contingency Plans may be maintained within the organization’s Continuity of Operations (COOP) Plan or Business Continuity Plan.
NIST SP 800-53 defines a family of security controls for Contingency Planning (CP). It
identifies the level that these controls should be developed for high, moderate, and low potential impact systems. DHS uses the FIPS 199 designation of the availability security objective to define the impact level applicable to contingency planning controls (see Section 3.9.1 for information on DHS guidance on FIPS 199 system categorization and implementation of the NIST SP 800-53 security controls).
3.5.2.2 IT Contingency Plan Development
IT contingency planning is designed to achieve the following objectives:
• Ensure the continuous availability of the critical IT systems that support DHS essential office functions during an emergency
• Protect IT assets and vital records needed to support mission needs
• Reduce or mitigate disruptions to operations
• Reduce loss of life, minimizing damage and losses
• Achieve a timely and orderly recovery from an emergency and the resumption of full IT service to customers.
3.5.2.3 IT Contingency Plan Format and Content
To facilitate their usefulness and acceptance by the users, IT Contingency Plans need to be brief and concise. The specific control requirements and level of effort are determined based on the IT system’s security categorization. The level of resources for the Contingency Plan is based on the security categorization for the availability security objective. See Section 3.9.6, Contingency Plan, for more information on the Contingency Plan template requirements.
IT Contingency Plans must encompass the following elements as required for the potential impact level for the system’s availability security objective:
• Disruption impacts and allowable outage times
• Preventive controls and recovery strategies
• Vital records
• Responsible personnel
• Alternate operating facilities
• Devolution of control (delegations of authority and orders of succession)
• Reconstitution (return to normal operations) 3.5.2.4 IT Contingency Plan Test and Exercise
Testing the IT Contingency Plan identifies planning gaps. Tests and exercises serve to validate specific aspects of Contingency Plans, policies, procedures, systems, and facilities to be used during an emergency. Both activities improve plan effectiveness and overall agency
preparedness.
Contingency Plan testing requirements for systems at each impact level for availability are described in Section 3.9.8.1–3.9.8.3.
3.5.2.5 IT Contingency Plan Training
Training prepares recovery personnel for plan activation and improves plan effectiveness for overall agency preparedness. The IT system personnel shall be trained on the Contingency Plan according to the potential impact level of the availability security objective.
• High impact for availability – All personnel involved in IT contingency planning efforts shall be identified and trained in the procedures and logistics of IT contingency planning and implementation, as well as their roles and responsibilities in relation to contingencies. This training shall incorporate simulated events. Refresher training shall be provided
• Moderate impact for availability – All system personnel involved in IT contingency planning efforts shall also be trained. Refresher training shall also be provided.
• Low impact for availability – System personnel are not required to be trained.