IR-3: Incident Response Testing

From NIST's SP800-53:

Test the effectiveness of the incident response capability for the system [Assignment: organization-defined frequency] using the following tests: [Assignment: organization-defined tests].

Cyber Threat Graph Context

Explore how this control relates to the wider threat graph

SP800-53 Control Mapped to NIST Cyber Security Framework

Generated from NISTs SP800-53/CSF Crosswalk mappings.

Control ID	Description
ID.SC-5	Response and recovery planning and testing are conducted with suppliers and third-party providers
PR.IP-10	Response and recovery plans are tested
RS.CO-1	Personnel know their roles and order of operations when a response is needed