SOC 2 Academy: Testing Your Incident Response Plan

Author: kirkpatrickprice00

Description: Learn more at

No plan works the way it’s supposed to without a little practice. An organization’s incident response plan might look perfect on paper, but what happens when a security incident actually occurs and it’s time to put that plan into action? The incident response team members might get confused or miss a critical step in the recovery process. To ensure that the incident response plan resolves the security incident as smoothly as possible, organizations should practice it at least annually.
Let’s look at the following scenario as an example. An organization wants to make sure that their incident response plan has all of the kinks worked out because they know that security incidents are unavoidable and want to be best prepared. They decide to hold an annual incident response training with their incident response team members where they review three possible scenarios: malware has attacked their network, an employee fell victim to a phishing attack, and a former employee stole sensitive data before resigning. While there is no telling if any of these scenarios will actually occur at that organization, having the incident response team members practice responding to different scenarios allows them to learn how to adapt the incident response plan to different situations.

Stay Connected

More Free Resources
White Papers:

About Us
KirkpatrickPrice is a licensed CPA firm, PCI QSA, and a HITRUST CSF Assessor, registered with the PCAOB, providing assurance services to clients in more than 48 states, Canada, Asia, and Europe. The firm has over 13 years of experience in information security and compliance assurance by performing assessments, audits, and tests that strengthen information security and internal controls. KirkpatrickPrice most commonly provides advice on SOC 1, SOC 2, PCI DSS, HIPAA, HITRUST CSF, GDPR, ISO 27001, FISMA, and CFPB frameworks.

For more about KirkpatrickPrice:
Contact us today: 800-770-2701