The process for testing the effectiveness of the incident response capabilities.


  • This Control applies to the university Chief Information Security Officer.


  • 1

    The Incident Response Plan shall be tested, at least annually, with tabletop exercises or other means to review and refine incident response procedures.

  • 2

    Annual testing shall identify lessons learned for continuous improvement of incident response procedures.