Application Incident Response & Contingency Planning
Overview
Cloud.gov’s platform-level incident response capabilities align with NIST SP 800-61 Rev 2, providing automated event detection, analysis, containment, and recovery tooling under a FedRAMP Moderate Authorization. Agencies inherit centralized logging, alerting, and encrypted communication channels, while retaining responsibility for application-specific workflows and coordination with Cloud.gov support.
What Cloud.gov Provides
-
Real-time Platform Status:
Cloud.gov’s public status page offers live visibility into platform health, including ongoing incidents, performance degradations, and scheduled maintenance windows. -
Multi-AZ Resiliency:
Cloud.gov supports all platform services and customer application instances across multiple AWS Availability Zones to maximize fault tolerance and automated failover during zone-level disruptions.
Customer Responsibilities
Customer Responsibility: Develop and maintain application-level IR and contingency procedures that integrate with Cloud.gov’s platform capabilities.
Contact & Support
If you discover an incident affecting your application or Cloud.gov platform, please:
-
Monitor Status: Check cloudgov.statuspage.io.
-
Report Immediately: Email support@cloud.gov with:
- Timestamp of the incident
- Affected resource names
- Any relevant logs or evidence
Reference Documents
- NIST SP 800-61 Rev 2 (Computer Security Incident Handling Guide) ([NIST Publications][4])
- NIST SP 800-84 (Guide to Test, Training, and Exercise Programs) ([NIST Publications][5])