• Requirement

    Use qualitative and quantitative data from testing to:

    1. Determine the effectiveness of incident response processes;
    2. Continuously improve incident response processes; and
    3. Provide incident response measures and metrics that are accurate, consistent, and in a reproducible format.
  • Discussion

    To help incident response activities function as intended, organizations may use metrics and evaluation criteria to assess incident response programs as part of an effort to continually improve response performance. These efforts facilitate improvement in incident response efficacy and lessen the impact of incidents.

More Info

  • Title

    Incident Response Testing | Continuous Improvement
  • Family

    Incident Response
  • NIST 800-53B Baseline(s)

    • Related NIST 800-53 ID

    NIST 800-53A Assessment Guidance

    CMMC Training

    Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!