CISOBot - Your AI CISO Assistant

IRO-06

Incident Response Testing

Weight: 9/10

Description

Mechanisms exist to formally test incident response capabilities through realistic exercises to determine the operational effectiveness of those capabilities.

Control Question

Does the organization formally test incident response capabilities through realistic exercises to determine the operational effectiveness of those capabilities?

Control Metadata

Domain:

Incident Response

Validation Cadence:

Annual

Evidence Request List:

E-IRO-04

Have questions about this control?

Ask CISOBot for implementation guidance and best practices