NIST SP 800-171 & CMMC 2.0 3.6.3 Requirement:

Test the organizational incident response capability.

NIST SP 800-171 & CMMC 2.0 3.6.3 Requirement Explanation:

By testing your incident response capability you are identifying process and team weaknesses before an actual incident occurs. This allows you to improve your incident response capability before it is needed for real.

Example NIST SP 800-171 & CMMC 2.0 3.6.3 Implementation:

Use walk-throughs, tabletop exercises, or simulations to test your incident response capability. You may use tabletop exercises from the Center for Internet Security to accomplish this. Document the results and modify your incident response process accordingly. You should periodically perform these tests, perhaps bi-annually.

NIST SP 800-171 & CMMC 2.0 3.6.3 Scenario(s):

- Scenario 1:

To test your incident response capability your company will be performing a tabletop exercise. The incident scenario is: Alice, your network administrator, is overworked and underpaid. She quickly builds an installation file for a critical patch and deploys it before leaving for the day. Next, Joe, the on-call IT technician, begins receiving calls that nobody can log in. It turns out that no testing was done for the recently installed critical patch. As part of the tabletop exercise, your team answers the following questions: What is Joe's response in this scenario? Does your on-call technician have the expertise to handle this incident? If not, are there defined escalation processes? Does your organization have a formal change control policy? Are your employees trained on proper change control? Does your organization have disciplinary procedures in place for when an employee fails to follow established policies? Does your organization have the ability to "roll back" patches in the event of unanticipated negative impacts? The answers to the above questions are documented along with any suggested improvements for your incident response capability.
