catalog: SP800-53rev3 / class: Operational / family: (IR) Incident Response

  IR-03: Incident Response Testing and Exercises  

base control objective:
The organization tests and/or exercises the incident response capability for the information system [Assignment: organization-defined frequency] using [Assignment: organization-defined tests and/or exercises] to determine the incident response effectiveness and documents the results.

enhancements to the base objective:

(1) The organization employs automated mechanisms to more thoroughly and effectively test/exercise the incident response capability.
Enhancement Supplemental Guidance: Automated mechanisms can provide the ability to more thoroughly and effectively test or exercise the incident response capability by providing more complete coverage of incident response issues, selecting more realistic test/exercise scenarios and environments, and more effectively stressing the response capability.

mapping to FIPS199 baseline:

  LOW: not selected     MOD: base     HIGH: base (1)

related (regimented) controls:

AT-02   Security Awareness

documents referenced in SP800-53rev3 for IR-03:

Document        Date              Status    Title
NIST SP800-61   August, 2012      current   Computer Security Incident Handling Guide
NIST SP800-84   September, 2006   current   Guide to Test, Training, and Exercise Programs for IT Plans and Capabilities
