BCD-05
Contingency Plan Root Cause Analysis (RCA) & Lessons Learned
Description
Mechanisms exist to conduct a Root Cause Analysis (RCA) and "lessons learned" activity every time the contingency plan is activated.
Control Question
Does the organization conduct a Root Cause Analysis (RCA) and "lessons learned" activity every time the contingency plan is activated?
Control Metadata
Domain:
Business Continuity & Disaster Recovery
Validation Cadence:
Annual
Evidence Request List:
E-BCM-04
Framework Mappings
This control maps to the following compliance frameworks
MAS TRM
7.8.17.8.27.8.3
HKIA GL20
2.12.22.35.15.25.35.45.55.65.7