Control ID |
Control Description | Data Protection Classification | ||||||
Level 1 | Level 2 | Level 3 | Level 4 | |||||
IR-1 | Establish an operational incident-handling capability for organizational systems that includes preparation, detection, analysis, containment, recovery, and user response activities. | essential | essential | essential | essential | |||
IR-2 | Track, document, and report incidents to designated officials and/or authorities both internal and external to the organization. | required | required | essential | essential | |||
IR-3 | Test the organizational incident response capability. | required | required | essential | essential |