Cyber Posture

NIST 800-53 r5 · Controls catalogue · Family IR

IR-3 Incident Response Testing

Test the effectiveness of the incident response capability for the system {{ insert: param, ir-03_odp.01 }} using the following tests: {{ insert: param, ir-03_odp.02 }}.

Last updated: 09 May 2026 03:25 UTC

Implementations targeting this control (0)

ATT&CK techniques this control mitigates (0)

Weaknesses this control addresses (7) AI

CWEs ranked by how often they appear in real CVEs. The rationale describes how this control reduces exploitability of each weakness class.

| CWE | Name | CVEs | Why this control addresses it |
|---|---|---|---|
| CWE-754 | Improper Check for Unusual or Exceptional Conditions | 697 | IR testing directly validates checks for unusual or exceptional conditions that could indicate security incidents. |
| CWE-755 | Improper Handling of Exceptional Conditions | 662 | Incident response testing confirms proper handling of exceptional conditions to limit exploit impact. |
| CWE-703 | Improper Check or Handling of Exceptional Conditions | 146 | Performing IR tests ensures exceptional conditions are properly checked and handled to enable effective response. |
| CWE-391 | Unchecked Error Condition | 23 | Testing IR effectiveness identifies and drives fixes for unchecked error conditions that fail to initiate incident handling. |
| CWE-778 | Insufficient Logging | 23 | IR testing would reveal insufficient logging that impairs incident analysis and response effectiveness. |
| CWE-390 | Detection of Error Condition Without Action | 14 | IR testing verifies that detected error conditions trigger appropriate response actions rather than being ignored. |
| CWE-392 | Missing Report of Error Condition | 11 | IR testing would expose missing error reporting that prevents timely incident detection and response. |

Top CVEs where this control is the strongest mitigation

CVE Risk CVSS EPSS Match
No CVEs annotated to this control yet — the per-CVE backfill is in progress.

Other controls in family IR

IR-1 IR-10 IR-2 IR-4 IR-5 IR-6 IR-7 IR-8 IR-9