NIST 800-53 REV 5 • INCIDENT RESPONSE

IR-3(2)Coordination with Related Plans

Coordinate incident response testing with organizational elements responsible for related plans.

CMMC Practice Mapping

No direct CMMC mapping

NIST 800-171 Mapping

No direct NIST 800-171 mapping

Related Controls

No related controls listed

Supplemental Guidance

Organizational plans related to incident response testing include business continuity plans, disaster recovery plans, continuity of operations plans, contingency plans, crisis communications plans, critical infrastructure plans, and occupant emergency plans.

Practitioner Notes

Your incident response plan does not exist in a vacuum. It needs to work together with your business continuity plan, disaster recovery plan, and any other contingency plans your organization maintains.

Example 1: When you test your IR plan, invite the business continuity team to participate. Run a combined scenario where a cyber incident triggers a business disruption — for example, ransomware takes down your ERP system during quarter-end close.

Example 2: Create a cross-reference matrix in Excel or SharePoint that maps your IR plan sections to your disaster recovery and continuity plans. When you update or test one plan, check the matrix to ensure related plans are also reviewed and aligned.

More Incident Response Controls

IR-1 Policy and Procedures IR-2 Incident Response Training IR-2(1) Simulated Events IR-2(2) Automated Training Environments