IR-02—Incident Response Testing

>Control Description

Organization tests incident response processes on an annual basis. Results from the tests are documented.

Theme

Process

Type

Detective

Policy/Standard

Incident Management Policy

>Implementation Guidance

1. Ensure that a process exists to test the incident response process on an annual basis. 2. Ensure that Incident Response Standard is updated at least annually. 3. Establish a process for conducting the trainings such as table top exercise and ensure that all necessary personnel attended the training.

>Testing Procedure

1. Validate with the Incident response team of the completion of the training and its documentation. 2. Validate that Incident Response Standard is updated at least annually. 3. Review elements of the training such as table top exercise and confirm that all necessary personnel attended the training.

>Audit Artifacts

E-IR-01

E-IR-04

E-IR-05

>Framework Mappings

Cross-framework mappings provided by Adobe CCF Open Source under Creative Commons License.

Ask AI

Configure your API key to use AI features.

>Control Description

Theme

Type

Policy/Standard

>Implementation Guidance

>Testing Procedure

>Audit Artifacts

>Framework Mappings

CIS Controls1

FedRAMP Rev 51

PCI DSS3

BSI C51

TX-RAMP1

Ask AI

CIS Controls
1

FedRAMP Rev 5
1

PCI DSS
3

BSI C5
1

TX-RAMP
1