Overview
CSC V8 control 17.7 recommends that organisations “Plan and conduct routine incident response exercises and scenarios for key personnel involved in the incident response process to prepare for responding to real-world incidents. Exercises need to test communication channels, decision making, and workflows. Conduct testing on an annual basis, at a minimum.”.
Note
CSC V8 places this control in the category of “Incident Response Management”.
CSC V8 places this control in the function of “Recover”.
This control protects the following type of asset “N/A”.
What is CIS Critical Security Controls?
The CIS Controls (formerly known as Critical Security Controls) are a recommended set of actions for cyber defense that provide specific and actionable ways to protect against cyber attacks.
The Center for Internet Security (CIS) publishes the CIS Critical Security Controls (CSC) to help organizations better defend against known attacks by distilling key security concepts into actionable controls to achieve greater overall cybersecurity defense.