STIGs RMF Controls Compare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

Browse STIGs
Search
RMF Controls
Compare Versions

Resources

About
Release Notes
VPAT
DISA STIG Library

STIGs updated 7 hours ago

Powered by Pylon

© 2026 Beacon Cloud Solutions, Inc. All rights reserved.

← All Controls

IR-1

Incident ResponseRev 5

Policy and Procedures

CCI Identifiers (18)

CCI-000805Develop and document an organization-level; mission/business process-level; and/or system-level incident response policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance.CCI-000806Disseminate an organization-level; mission/business process-level; and/or system-level incident response policy to organization-defined personnel or roles.CCI-000807Review and update the current incident response policy in accordance with organization-defined frequency.CCI-000808Defines the frequency with which to review and update the current incident response policy.CCI-000809Develop and document procedures to facilitate the implementation of incident response policy and associated incident response controls.CCI-000810Disseminate the incident response procedures to organization-defined personnel or roles.CCI-000811Review and update the current incident response procedures in accordance with organization-defined frequency.CCI-000812Defines the frequency with which to review and update the current incident response procedures.CCI-002776Defines the personnel or roles to whom the organization-level; mission/business process-level; and/or system-level incident response policy is disseminated.CCI-002777Defines the personnel or roles to whom the incident response procedures are disseminated.CCI-004109Develop and document an organization-level; mission/business process-level; and/or system-level incident response policy that is consistent with applicable laws, executive orders, directives, regulations, policies, standards, and guidelines.CCI-004110Designate an organization-defined official to manage the incident response policy.CCI-004111Designate an organization-defined official to manage the incident response procedures.CCI-004112Defines the official designated to manage the incident response policy and procedures.CCI-004113Review and update the current incident response policy following organization-defined events.CCI-004114Defines the events for reviewing and updating the current incident response policy.CCI-004115Review and update the current incident response procedures following organization-defined events.CCI-004116Defines the events for reviewing and updating the current incident response procedures.

Linked STIG Checks (0)

No STIG checks reference this control.