๐ผ IR-3 Incident Response Testing (M)(H)
- Contextual name: ๐ผ IR-3 Incident Response Testing (M)(H)
- ID:
/frameworks/fedramp-high-security-controls/ir/03 - Located in: ๐ผ Incident Response
Descriptionโ
Test the effectiveness of the incident response capability for the system [FedRAMP Assignment: functional, at least annually] using the following tests: [Assignment: organization-defined tests].
IR-3-2 Additional FedRAMP Requirements and Guidance:
Requirement: The service provider defines tests and/or exercises in accordance with NIST Special Publication 800-61 (as amended). Functional testing must occur prior to testing for initial authorization. Annual functional testing may be concurrent with required penetration tests (see CA-8). The service provider provides test plans to the JAB/AO annually. Test plans are approved and accepted by the JAB/AO prior to test commencing.
Similarโ
- Sections
/frameworks/nist-sp-800-53-r5/ir/03
- Internal
- ID:
dec-c-9166c6a3
- ID:
Similar Sections (Take Policies From)โ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| ๐ผ NIST SP 800-53 Revision 5 โ ๐ผ IR-3 Incident Response Testing | 3 |
Similar Sections (Give Policies To)โ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| ๐ผ FedRAMP Moderate Security Controls โ ๐ผ IR-3 Incident Response Testing (M)(H) | 1 |
Sub Sectionsโ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| ๐ผ IR-3(2) Coordination with Related Plans (M)(H) |