The organization develops a contingency plan for the information system that addresses maintaining essential business functions despite an information system compromise.
No STIG checks reference this CCI.