NIST CSF: PR.IP-10 Subcategory
From NIST's Cyber Security Framework (version 1):
Response and recovery plans are tested
Cyber Threat Graph Context
Explore how this control relates to the wider threat graph
CSF Mapped to SP800-53 Controls
Generated from NIST's SP800-53/CSF Crosswalk mappings.
Related ISO 27001 Controls
Annex A controls from ISO 27001 (2013) which are related to this CSF subcategory, taken from mappings by NIST and additional data from Ofgem.
-
Verify, review, and evaluate information security continuity (17.1.3)
ISO 27001:2013
Related ISA/IEC 62443 Controls
Clauses and controls from IEC 62443 (62443-2-1 and 62443-3-3) which are related to this CSF subcategory, taken from mappings by NIST and additional data from Ofgem.
-
Security functionality verification (SR 3.3)
ISA/IEC 62443-3-3:2013 -
Test and update the business continuity plan (4.3.2.5.7)
ISA/IEC 62443-2-1:2009 -
Conduct drills (4.3.4.5.11)
ISA/IEC 62443-2-1:2009
CSF Mapped to the NCSC CAF
Cyber Assessment Framework mappings generated from UK Cabinet Office data.
| Control ID | Name | Description |
|---|---|---|
| B5.a | Resilience Preparation | You are prepared to restore the operation of your essential function following adverse impact. |
| D1.c | Testing and Exercising | Your organisation carries out exercises to test response plans, using past incidents that affected your (and other) organisation, and scenarios that draw on threat intelligence and your risk assessment. |