Navigate

CCI-002778

CCI-002778 Definition

The organization defines the time period in which information system users who assume an incident response role or responsibility receive incident response training.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

DoD has defined the time period as 30 working days.

Validation Procedures

The organization being inspected/assessed is automatically compliant with this CCI because they are covered at the DoD level. DoD has defined the time period as 30 working days.

Compelling Evidence

Automatically compliant

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002778.

Control	Description
IR-2	The organization provides incident response training to information system users consistent with assigned roles and responsibilities: IR-2a.: Within [Assignment: organization-defined time period] of assuming an incident response role or responsibility; IR-2b.: When required by information system changes; and IR-2c.: [Assignment: organization-defined frequency] thereafter.