Navigate

CP-3(1)

CP-3(1): Simulated Events

Incorporate simulated events into contingency training to facilitate effective response by personnel in crisis situations.

Supplemental

The use of simulated events creates an environment for personnel to experience actual threat events, including cyber-attacks that disable websites, ransomware attacks that encrypt organizational data on servers, hurricanes that damage or destroy organizational facilities, or hardware or software failures.

CIA Levels
Confidentiality	unknown
Integrity	unknown
Availability	high

Overlays
DAF Baseline

CSF Categories
None

Related Controls

The controls below (if any) were marked by NIST as being related to CP-3(1).

Control	Description
No controls

Enhancements

The controls below (if any) add on to the requirements of CP-3(1).

Control	Description
No controls

Related CCIs

The CCIs below are tied to CP-3(1).

CCI	Definition
CCI-000488	Incorporate simulated events into contingency training to facilitate effective response by personnel in crisis situations.