An error occurred:

© 2025 Xylok, LLC

Version: features-advanced-collector-898c2c - rmfrev4

Navigate

CCI-000844

CCI-000844 Definition

Develop an incident response plan that is reviewed and approved by organization-defined personnel or roles on an organization-defined frequency.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

Validation Procedures

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-000844.

Control

Description

The organization:

a: Develops an incident response plan that:
- 1: Provides the organization with a roadmap for implementing its incident response capability;
- 2: Describes the structure and organization of the incident response capability;
- 3: Provides a high-level approach for how the incident response capability fits into the overall organization;
- 4: Meets the unique requirements of the organization, which relate to mission, size, structure, and functions;
- 5: Defines reportable incidents;
- 6: Provides metrics for measuring the incident response capability within the organization;
- 7: Defines the resources and management support needed to effectively maintain and mature an incident response capability; and
- 8: Is reviewed and approved by [one of ];

b: Distributes copies of the incident response plan to [one of ];

c: Reviews the incident response plan [one of ];

d: Updates the incident response plan to address system/organizational changes or problems encountered during plan implementation, execution, or testing;

e: Communicates incident response plan changes to [one of ]; and

f: Protects the incident response plan from unauthorized disclosure and modification.