Embedded Files
This page is classified as INTERNAL.
NIST 800-53 (r4) Control:
The information system implements transaction recovery for systems that are transaction-based.
NIST 800-53 (r4) Supplemental Guidance:
Transaction-based information systems include, for example, database management systems and transaction processing systems. Mechanisms supporting transaction recovery include, for example, transaction rollback and transaction journaling.
NIST 800-53 (r5) Discussion:
Transaction-based systems include database management systems and transaction processing systems. Mechanisms supporting transaction recovery include transaction rollback and transaction journaling.
38North Guidance:
Meets Minimum Requirement:
The organization must ensure that the CP implements transaction recovery for systems that are transaction-based.
Configure the information system and databases where data is replicated across multiple data centers, cloud regions, availability zones, etc. This may involve active/active configurations where data is replicated across multiple data centers and/or regions, as mentioned.
Best Practice:
TBD.
Unofficial FedRAMP Guidance: None.
Assessment Evidence:
Provide evidence of compliance with their externally documented recovery responsibilities, recovery strategies, etc.
Provide evidence that transactional backup recovery strategies for the systems/databases are included in your plan. This may include snapshots of databases at a point in time that ensures committed transactions are reflected in the database and uncommitted transactions are not.
Evidence of a transactional recovery configuration settings for the information system/database.
Configuration showing how the system implements transaction recovery (i.e., there is a snapshot of the database at a point in time that ensures committed transactions are actually reflected in the database and uncommitted transactions are not).
CSP Implementation Tips:
Amazon Web Services (AWS): TBD
Microsoft Azure: TBD
Google Cloud Platform: TBD
Page updated
Report abuse