IR-3: Incident Response Testing
NIST Baseline: Moderate
Privacy Baseline: Yes
DIR Required By: 07/20/2023
Review Date: 07/10/2024
- The Incident Response Plan shall be tested, at least annually, as required by Texas Department of Information Resources (DIR), with checklists, walk-through or tabletop exercises/simulations or other means to review and refine incident response procedures.
- Any lessons learned discovered during annual testing should be incorporated into incident response procedures for continuous improvement.
References/Additional Resources
None. See any applicable internal procedures.