CMMC 1.0 Practice IR.3.099 Requirement:

Test the organizational incident response capability.

CMMC 1.0 IR.3.099 Requirement Explanation:

By testing your incident response capability your are identifying any process and team weaknesses before the occurrence of an actual incident. This allows to improve your incident response capability. By using walk-through and tabletop exercises you can meet this requirement.

Example CMMC 1.0 IR.3.099 Implementation:

Use walk-through, tabletop, or simulations to test your incident response capability. Come up with a scenario and see how your team reacts to it. Document the results and modify your incident response process accordingly. You should periodically conduct these, perhaps bi-annually.

CMMC 1.0 IR.3.099 Scenario(s):

- Scenario 1:

To test your incident response capability your company will be going through a tabletop exercise. Here is the scenario: Alice, your network administrator, is overworked and underpaid. She quickly builds an installation file for the patch and deploys it before leaving for the day. Next, Joe, the on-call IT technician, begins receiving calls that nobody can log in. It turns out that no testing was done for the recently-installed critical patch. As part of the table top exercise your team answers the following questions: What is Joe’s response in this scenario? Does your on-call technician have the expertise to handle this incident? If not, are there defined escalation processes? Does your organization have a formal change control policy? Are your employees trained on proper change control? Does your organization have disciplinary procedures in place for when an employee fails to follow established policies? Does your organization have the ability to “roll back” patches in the event of unanticipated negative impacts? The answers to the above questions are documented along with any improvements you want to make to your incident response capability.

Discover Our Cybersecurity Complaince Solutions:


NIST SP 800-171 & CMMC Compliance

Whether you need to meet and maintain your NIST SP 800-171 & CMMC 2.0 compliance requirements, help your clients meet them, or verify sub-contractor compliance we have the expertise and solution for you.

HIPAA Compliance

Whether you need to meet and maintain your HIPAA compliance requirements or help your clients meet them we have the expertise and solution for you.