Embedded Files
This page is classified as INTERNAL.
NIST 800-53 (r4) Control:
The organization coordinates incident response testing with organizational elements responsible for related plans.
NIST 800-53 (r4) Supplemental Guidance:
Organizational plans related to incident response testing include, for example, Business Continuity Plans, Contingency Plans, Disaster Recovery Plans, Continuity of Operations Plans, Crisis Communications Plans, Critical Infrastructure Plans, and Occupant Emergency Plans.
References: NIST Special Publications 800-84, 800-115.
NIST 800-53 (r5) Discussion:
Organizational plans related to incident response testing include business continuity plans, disaster recovery plans, continuity of operations plans, contingency plans, crisis communications plans, critical infrastructure plans, and occupant emergency plans.
38North Guidance:
Meets Minimum Requirement:
Coordinate incident response testing activities with roles/teams responsible for related plans (e.g., contingency planning, disaster recovery, etc). This is to ensure rehearsed coordination between the two groups in the event that a security incident also triggers the contingency planning or disaster recovery activities.
If required by the hosting environment (e.g. AWS, Azure, Google) customer responsibility matrix or SSP, incident response testing has been coordinated with these entities.
Best Practice:
TBD
Unofficial FedRAMP Guidance:
TBD
Assessment Evidence:
Incident response test results, meeting minutes, or meeting agendas showing incident response testing is coordinated with roles/teams responsible for related plans (e.g., contingency planning, disaster recovery, etc.).
CSP Implementation Tips:
Amazon Web Services (AWS): TBD
Microsoft Azure: TBD
Google Cloud Platform: TBD
Page updated
Report abuse