⭐ Repository → 💼 SOC 2 → 💼 CC7 System Operations → 💼 CC7.5 The entity identifies, develops, and implements activities to recover from identified security incidents.
💼 CC7.5-6 Implements Incident Recovery Plan Testing
- ID:
/frameworks/soc-2/cc7/05/06
Description
Incident recovery plan testing is performed on a periodic basis. The testing includes (1) development of testing scenarios based on threat likelihood and magnitude; (2) consideration of relevant system components from across the entity that can impair availability; (3) scenarios that consider the potential for the lack of availability of key personnel; and (4) revision of continuity plans and systems based on test results.
Similar
- Internal
- ID:
dec-c-c07c4e2c
- ID:
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|