IR-4(9): Dynamic Response Capability

Control Family:

Incident Response


(Not part of any baseline)

Next Version:

Control Statement

The organization employs [Assignment: organization-defined dynamic response capabilities] to effectively respond to security incidents.

Supplemental Guidance

This control enhancement addresses the deployment of replacement or new capabilities in a timely manner in response to security incidents (e.g., adversary actions during hostile cyber attacks). This includes capabilities implemented at the mission/business process level (e.g., activating alternative mission/business processes) and at the information system level.