Skip to main content
MuonPartners
Services
Architecture

Solution design and technology roadmapping

Solution AssessmentTechnology RoadmapsIntegration DesignSolution ArchitectureTechnical Design
Cyber Security

Security assessments, IAM, and compliance

AssessmentsIAMComplianceSecurity BaselineCyber Innovation
Network and Platform

Network architecture and cloud platforms

Network DesignCloud StrategyModernisation
Enterprise Architecture

Business-technology alignment

Business AlignmentPortfolio AnalysisGovernance
View all services
ProjectsCase StudiesInsightsToolsAbout
Contact Us

Services

Architecture
Solution AssessmentTechnology RoadmapsIntegration DesignSolution ArchitectureTechnical Design
Cyber Security
AssessmentsIAMComplianceSecurity BaselineCyber Innovation
Network and Platform
Network DesignCloud StrategyModernisation
Enterprise Architecture
Business AlignmentPortfolio AnalysisGovernance
ProjectsCase StudiesInsightsToolsAboutContact
Get in Touch
MuonPartners

Strategic technology consulting for Australian organisations navigating complexity.

Services

  • Architecture
  • Cyber Security
  • Network and Platform
  • Enterprise Architecture

Company

  • About
  • Products
  • Frameworks
  • Cross-Framework Mapping
  • Projects
  • Case Studies
  • Insights
  • Contact

Contact

  • [email protected]
  • Australia
  • LinkedIn

© 2026 Muon Partners. All rights reserved.

ABN 50 669 022 315 · A Muon Group company.

Privacy PolicyTerms of Service
  1. Frameworks
  2. >SP 800-53
  3. >Contingency Planning
  4. >SP800-53-CP-6
SP800-53-CP-6Active

Alternate Storage Site

Statement

Establish an alternate storage site, including necessary agreements to permit the storage and retrieval of system backup information; and Ensure that the alternate storage site provides controls equivalent to that of the primary site.

Location

Control Family
Contingency Planning

Control Details

Identifier
SP800-53-CP-6
Family
CP

Supplemental Guidance

Alternate storage sites are geographically distinct from primary storage sites and maintain duplicate copies of information and data if the primary storage site is not available. Similarly, alternate processing sites provide processing capability if the primary processing site is not available. Geographically distributed architectures that support contingency requirements may be considered alternate storage sites. Items covered by alternate storage site agreements include environmental conditions at the alternate sites, access rules for systems and facilities, physical and environmental protection requirements, and coordination of delivery and retrieval of backup media. Alternate storage sites reflect the requirements in contingency plans so that organizations can maintain essential mission and business functions despite compromise, failure, or disruption in organizational systems.

Assessment Objective

an alternate storage site is established; establishment of the alternate storage site includes necessary agreements to permit the storage and retrieval of system backup information; the alternate storage site provides controls equivalent to that of the primary site.

ATTACK
ATTACK-T1070relatedvia ctid-attack-to-sp800-53
ATTACK-T1070.001relatedvia ctid-attack-to-sp800-53
ATTACK-T1486relatedvia ctid-attack-to-sp800-53
ATTACK-T1565relatedvia ctid-attack-to-sp800-53
ATTACK-T1565.001relatedvia ctid-attack-to-sp800-53
View in graphReport an issue
← Back to Contingency Planning
Contingency Planning56 controls
SP800-53-CP-1Policy and ProceduresSP800-53-CP-2Contingency PlanSP800-53-CP-2(1)Coordinate with Related PlansSP800-53-CP-2(2)Capacity PlanningSP800-53-CP-2(3)Resume Mission and Business FunctionsSP800-53-CP-2(4)Resume All Mission and Business FunctionsSP800-53-CP-2(5)Continue Mission and Business FunctionsSP800-53-CP-2(6)Alternate Processing and Storage SitesSP800-53-CP-2(7)Coordinate with External Service ProvidersSP800-53-CP-2(8)Identify Critical AssetsSP800-53-CP-3Contingency TrainingSP800-53-CP-3(1)Simulated EventsSP800-53-CP-3(2)Mechanisms Used in Training EnvironmentsSP800-53-CP-4Contingency Plan TestingSP800-53-CP-4(1)Coordinate with Related PlansSP800-53-CP-4(2)Alternate Processing SiteSP800-53-CP-4(3)Automated TestingSP800-53-CP-4(4)Full Recovery and ReconstitutionSP800-53-CP-4(5)Self-challengeSP800-53-CP-5Contingency Plan UpdateSP800-53-CP-6Alternate Storage SiteSP800-53-CP-6(1)Separation from Primary SiteSP800-53-CP-6(2)Recovery Time and Recovery Point ObjectivesSP800-53-CP-6(3)AccessibilitySP800-53-CP-7Alternate Processing SiteSP800-53-CP-7(1)Separation from Primary SiteSP800-53-CP-7(2)AccessibilitySP800-53-CP-7(3)Priority of ServiceSP800-53-CP-7(4)Preparation for UseSP800-53-CP-7(5)Equivalent Information Security SafeguardsSP800-53-CP-7(6)Inability to Return to Primary SiteSP800-53-CP-8Telecommunications ServicesSP800-53-CP-8(1)Priority of Service ProvisionsSP800-53-CP-8(2)Single Points of FailureSP800-53-CP-8(3)Separation of Primary and Alternate ProvidersSP800-53-CP-8(4)Provider Contingency PlanSP800-53-CP-8(5)Alternate Telecommunication Service TestingSP800-53-CP-9System BackupSP800-53-CP-9(1)Testing for Reliability and IntegritySP800-53-CP-9(2)Test Restoration Using SamplingSP800-53-CP-9(3)Separate Storage for Critical InformationSP800-53-CP-9(4)Protection from Unauthorized ModificationSP800-53-CP-9(5)Transfer to Alternate Storage SiteSP800-53-CP-9(6)Redundant Secondary SystemSP800-53-CP-9(7)Dual Authorization for Deletion or DestructionSP800-53-CP-9(8)Cryptographic ProtectionSP800-53-CP-10System Recovery and ReconstitutionSP800-53-CP-10(1)Contingency Plan TestingSP800-53-CP-10(2)Transaction RecoverySP800-53-CP-10(3)Compensating Security ControlsSP800-53-CP-10(4)Restore Within Time PeriodSP800-53-CP-10(5)Failover CapabilitySP800-53-CP-10(6)Component ProtectionSP800-53-CP-11Alternate Communications ProtocolsSP800-53-CP-12Safe ModeSP800-53-CP-13Alternative Security Mechanisms