Information Technology Reference
In-Depth Information
| Category/Subcategory/Element | Control Reference | Control Summary | Interpretation |
|---|---|---|---|
| IA-7 | Cryptographic module authentication | The information system employs authentication methods that meet the requirements of applicable laws, executive orders, directives, policies, regulations, standards, and guidance for authentication to a cryptographic module. | |
| IR | Incident response | | |
| IR-1 | Incident response policy and procedures | The organization develops, disseminates, and periodically reviews/updates: (i) a formal, documented incident response policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and (ii) formal, documented procedures to facilitate the implementation of the incident response policy and associated incident response controls. | |
| IR-2 | Incident response training | The organization trains personnel in their incident response roles and responsibilities with respect to the information system and provides refresher training [assignment: organization-defined frequency, at least annually]. | |
| IR-3 | Incident response testing and exercises | The organization tests and exercises the incident response capability for the information system [assignment: organization-defined frequency, at least annually] using [assignment: organization-defined tests and exercises] to determine the incident response effectiveness and documents the results. | |
| IR-4 | Incident handling | The organization implements an incident handling capability for security incidents that includes preparation, detection and analysis, containment, eradication, and recovery. | |
 