IR-3: Incident Response Testing

NIST Baseline:  Moderate 

Privacy Baseline:  Yes 

DIR Required By:  07/20/2023 

Review Date:  07/10/2024 

  1. The Incident Response Plan shall be tested, at least annually, as required by Texas Department of Information Resources (DIR), with checklists, walk-through or tabletop exercises/simulations or other means to review and refine incident response procedures. 
  1. Any lessons learned discovered during annual testing should be incorporated into incident response procedures for continuous improvement. 

References/Additional Resources

None.  See any applicable internal procedures.