CMMC Practice RE.2.137
Regularly perform and test data backups.
Bold Coast Security Guidance
For Level 1 compliance you must have a consistent practice in place to backup CUI data, and periodically test backups to ensure they are viable and effective. For Level 2, your formal written policy must require backups and backup testing. Your security plan for Maturity Level 3 should include a description of your backup methodology and testing plan.
It's important to also backup confidential or proprietary data, as well as "system state" so the recovery time is significantly decreased.
Backups are used to recover data in the event of a hardware or software failure. Backups should be performed regularly based on an organizational defined frequency . They should be tested regularly to ensure they are performing as expected.