⭐ Repository → 💼 FedRAMP High Security Controls → 💼 Incident Response
💼 IR-3 Incident Response Testing (M)(H)
- ID:
/frameworks/fedramp-high-security-controls/ir/03
Description
Test the effectiveness of the incident response capability for the system [FedRAMP Assignment: functional, at least annually] using the following tests: [Assignment: organization-defined tests].
IR-3-2 Additional FedRAMP Requirements and Guidance:
Requirement: The service provider defines tests and/or exercises in accordance with NIST Special Publication 800-61 (as amended). Functional testing must occur prior to testing for initial authorization. Annual functional testing may be concurrent with required penetration tests (see CA-8). The service provider provides test plans to the JAB/AO annually. Test plans are approved and accepted by the JAB/AO prior to test commencing.
Similar
- Sections
/frameworks/nist-sp-800-53-r5/ir/03
- Internal
- ID:
dec-c-9166c6a3
- ID:
Similar Sections (Take Policies From)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 NIST SP 800-53 Revision 5 → 💼 IR-3 Incident Response Testing | 3 | no data |
Similar Sections (Give Policies To)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 FedRAMP Moderate Security Controls → 💼 IR-3 Incident Response Testing (M)(H) | 1 | no data |
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 IR-3(2) Coordination with Related Plans (M)(H) | no data |