• Requirement

    Use qualitative and quantitative data from testing to:
    (a) Determine the effectiveness of incident response processes;
    (b) Continuously improve incident response processes; and
    (c) Provide incident response measures and metrics that are accurate, consistent, and in a reproducible format.

  • Discussion

    To help incident response activities function as intended, organizations may use metrics and evaluation criteria to assess incident response programs as part of an effort to continually improve response performance. These efforts facilitate improvement in incident response efficacy and lessen the impact of incidents.

More Info

  • Title

    Incident Response Testing | Continuous Improvement
  • Family

    Incident Response
  • Related NIST 800-53 ID

CMMC Training

Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!