CCI-002818

The organization implements organization-defined procedures to ensure that organizational personnel impacted by information spills can continue to carry out assigned tasks while contaminated systems are undergoing corrective actions.

Implementation Guidance

The organization being inspected/assessed implements procedures defined in IR-9 (3), CCI 2819 to ensure that organizational personnel impacted by information spills can continue to carry out assigned tasks while contaminated systems are undergoing corrective actions.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the documented procedures defined in IR-9 (3), CCI 2819 as well as after action reports of incidents to ensure the organization being inspected/assessed implements procedures defined in IR-9 (3), CCI 2819 to ensure that organizational personnel impacted by information spills can continue to carry out assigned tasks while contaminated systems are undergoing corrective actions.

Compelling Evidence

1.) Documented procedures that ensure organizational personnel impacted by information spills can continue to carry out assigned tasks while contaminated systems are undergoing corrective actions. 2.) Incident response after action report

The controls below (if any) were marked by NIST as being related to CCI-002818.