Navigate

CCI-000822

CCI-000822 Definition

Implement an incident handling capability for incidents that is consistent with the incident response plan and includes preparation, detection and analysis, containment, eradication, and recovery.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

Validation Procedures

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-000822.

Control	Description
IR-4	The organization: a: Implements an incident handling capability for security incidents that includes preparation, detection and analysis, containment, eradication, and recovery; b: Coordinates incident handling activities with contingency planning activities; and c: Incorporates lessons learned from ongoing incident handling activities into incident response procedures, training, and testing, and implements the resulting changes accordingly.

Control

Description

IR-4

The organization:

a: Implements an incident handling capability for security incidents that includes preparation, detection and analysis, containment, eradication, and recovery;

b: Coordinates incident handling activities with contingency planning activities; and

c: Incorporates lessons learned from ongoing incident handling activities into incident response procedures, training, and testing, and implements the resulting changes accordingly.