Navigate

CCI-002788

CCI-002788 Definition

Employ organization-defined dynamic response capabilities to effectively respond to incidents.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed implements at a minimum, the appropriate CIRT/CERT (such as US-CERT, DoD CERT, IC CERT) to effectively respond to security incidents. DoD has defined the dynamic response capabilities as at a minimum, the appropriate CIRT/CERT (such as US-CERT, DoD CERT, IC CERT).

Validation Procedures

The organization conducting the inspection/assessment obtains and examines incident response logs to ensure that they reflect the use of at a minimum, the appropriate CIRT/CERT (such as US-CERT, DoD CERT, IC CERT). DoD has defined the dynamic response capabilities as at a minimum, the appropriate CIRT/CERT (such as US-CERT, DoD CERT, IC CERT).

Compelling Evidence

1.) Incident response logs

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002788.

Control	Description
IR-4(9)	The organization employs [one of ] to effectively respond to security incidents.