Navigate

IR-4(9)

IR-4(9): Dynamic Response Capability

The organization employs [organization-defined dynamic response capabilities] to effectively respond to security incidents.

Supplemental

This control enhancement addresses the deployment of replacement or new capabilities in a timely manner in response to security incidents (e.g., adversary actions during hostile cyber attacks). This includes capabilities implemented at the mission/business process level (e.g., activating alternative mission/business processes) and at the information system level.

CIA Levels
Confidentiality	unknown
Integrity	unknown
Availability	unknown

Overlays
None

CSF Categories
None

Related Controls

The controls below (if any) were marked by NIST as being related to IR-4(9).

Control	Description
CP-10	The organization provides for the recovery and reconstitution of the information system to a known state after a disruption, compromise, or failure.

Enhancements

The controls below (if any) add on to the requirements of IR-4(9).

Control	Description
No controls

Related CCIs

The CCIs below are tied to IR-4(9).

CCI	Definition
CCI-002788	Employ organization-defined dynamic response capabilities to effectively respond to incidents.
CCI-002789	Defines dynamic response capabilities to effectively respond to incidents.