17.7: Conduct Routine Incident Response Exercises
CSF v1.1 References:
PF v1.0 References:
Previous Version:
- Critical Security Controls Version 7.1:
- 19.7: Conduct Periodic Incident Scenario Sessions for Personnel
Control Statement
Plan and conduct routine incident response exercises and scenarios for key personnel involved in the incident response process to prepare for responding to real-world incidents. Exercises need to test communication channels, decision making, and workflows. Conduct testing on an annual basis, at a minimum.
[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]