CMMCDocs.comHome / Glossary / Incident Response (IR) Family
Incident Response (IR) Family
Also known as: IR family
The IR family covers 3 NIST SP 800-171 requirements governing incident response capability, tracking, and testing.
The Incident Response (IR) family contains 3 NIST SP 800-171 Rev 2 security requirements: IR.L2-3.6.1 (establish an operational incident-handling capability that includes preparation, detection, analysis, containment, recovery, and user response activities), IR.L2-3.6.2 (track, document, and report incidents to designated officials and authorities), and IR.L2-3.6.3 (test the organizational incident response capability).
A C3PAO will review the Incident Response Plan, look for evidence of recent tabletop exercises, verify the DIBNet 72-hour reporting workflow required by DFARS 252.204-7012, and ask for documentation of any actual incidents in the past 12-24 months.
Stop Googling. Start working.
CMMCDocs has all 110 NIST SP 800-171 Rev 2 requirements built in — with the language, the templates, and the evidence vault you need. Spin up a free demo workspace and click around the way an assessor would.
Get my demo account