CP-3(1): Simulated Events
Control Family:
Parent Control:
Baselines:
- High
Previous Version:
- NIST Special Publication 800-53 Revision 4:
- CP-3(1): Simulated Events
Control Statement
Incorporate simulated events into contingency training to facilitate effective response by personnel in crisis situations.
Supplemental Guidance
The use of simulated events creates an environment for personnel to experience actual threat events, including cyber-attacks that disable websites, ransomware attacks that encrypt organizational data on servers, hurricanes that damage or destroy organizational facilities, or hardware or software failures.