2. The information system implements transaction recovery for systems that are transaction-based.
4. The Cloud Service Provider (CSP) provides the capability to restore information system components within the time period consistent with the restoration time periods defined in the service provider and organization SLA from configuration-controlled and integrity-protected information representing a known, operational state for the components.
|Identification and Authentication (IA)|
|IA-1||Identification and Authentication Policy and Procedures|
|Control Requirement:||The Cloud Service Provider (CSP):|
a. Develops, documents, and disseminates to CSP-defined personnel or roles:
1. An identification and authentication policy that addresses ...