Threats of destructive malware, malicious insider activity, and even honest mistakes create the imperative for organizations to be able to quickly recover from an event that alters or destroys any form of data (database records, system files, configurations, user files, application code, etc.). Organizations must be confident that recovered data is accurate and safe. The NCCoE — in collaboration with members of the business community and vendors of cybersecurity solutions — will build an example solution to address these complex data integrity challenges. Multiple systems need to work together to prevent, detect, notify, and recover when data integrity is jeopardized. This project explores methods to effectively monitor and detect data corruption in commodity components (server, operating system, applications, and software configurations) as well as custom applications and data. It also explores issues of auditing and reporting (user activity monitoring, file system monitoring, database monitoring, scanning backups/snapshots for malware and rapid recovery solutions) to support recovery and investigations. To address real-world business challenges around data integrity, the resulting example solution will be composed of open-source and commercially available components. Ultimately, this project will result in a publicly available NIST Cybersecurity Practice Guide—a description of the solution and practical steps needed to implement an example solution that addresses these existing challenges.