Control Description Data Protection Classification
Level 1 Level 2 Level 3 Level 4
IR-1 Establish an operational incident-handling capability for organizational systems that includes preparation, detection, analysis, containment, recovery, and user response activities. essential essential essential essential
IR-2 Track, document, and report incidents to designated officials and/or authorities both internal and external to the organization. required required essential essential
IR-3 Test the organizational incident response capability. required required essential essential