Control: The organization trains personnel in their incident response roles and responsibilities with respect to the information system and provides refresher training [Assignment: organization- defined frequency, at least annually].

Supplemental Guidance: None.

Control Enhancements:

(1) The organization incorporates simulated events into incident response training to facilitate effective response by personnel in crisis situations.

(2) The organization employs automated mechanisms to provide a more thorough and realistic training environment.

Baseline: LOW Not Selected MOD IR-2 HIGH IR-2 (1)

Family: Incident Response

Class: Operational

ISO 17799 mapping: 13.1.1

COBIT 4.1 mapping: None.