IR-03 Incident Response Testing And Exercises
Incident Response
Low Moderate High Privacy
Description
The organization tests and/or exercises the incident response capability for the information system [Assignment: organization-defined frequency, at least annually] using [Assignment: organization-defined tests and/or exercises] to determine the incident response effectiveness and documents the results.
Supplemental Guidance
NIST Special Publication 800-84 provides guidance on test, training, and exercise programs for information technology plans and capabilities.
Enhancements
Compliance Mappings
ISO 27002:2022
5.30
CIS Controls v8
17.7
ISO 17799 (legacy)
14.1.5
COBIT 4.1 (legacy)
None.