STIGQter: STIG Summary: IBM Hardware Management Console (HMC) STIG Policies Version: 1 Release: 2 Benchmark Date: 20 Jan 2015:

Backup of critical data for the HMC and its components must be documented and tracked

DISA Rule

SV-30533r1_rule

Vulnerability Number

V-24844

Group Title

HMCP0130

Rule Version

HMCP0130

Severity

CAT II

CCI(s)

CCI-000537 - The organization conducts backups of system-level information contained in the information system per organization-defined frequency that is consistent with recovery time and recovery point objectives.

Weight

Fix Recommendation

Verify that procedures for backup of the critical data for the HMCs are properly documented. If not, create Backup Procedures documentation.

CPC data should be backed-up when configuration or CPC- licensed internal code changes have been made or as a routine preventive maintenance procedure.

Check Contents

Review the documentation for backup of critical data for a HMC with the System Administrator.
Review documentation for completeness and accuracy.

If no documentation exists, this is a FINDING.

Vulnerability Number

V-24844

Documentable

False

Rule Version

HMCP0130

Severity Override Guidance

Review the documentation for backup of critical data for a HMC with the System Administrator.
Review documentation for completeness and accuracy.

If no documentation exists, this is a FINDING.

Backup of critical data for the HMC and its components must be documented and tracked

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Responsibility

Target Key

Comments