CMMC Recovery (RE) Domain Overview and Strategy
One of the key areas where the Cybersecurity Maturity Model Certification (CMMC) expands on NIST 800-171 is system recovery, specifically the ability to recover from any event that compromises the integrity and availability of data. Backups are called out in the Recovery (RE) Domain and include the requirement to backup all content, not just CUI and other critical content. Further, testing backups is now a requirement and likely to be validated during a CMMC assessment.
