The significant difference is the maturing of the organisation's readiness level to advanced-level exercises and tests. It focuses on the complexity and the inter-relationship between the other business units and interested parties. The validity and workability of the CIR plan are evaluated.
Errors and loopholes can be identified during this phase. The simulation of a cyber security attack can prepare employees to be accustomed to the environment. The organisation can gauge their ability to mitigate or respond to cyber security incidents based on its documented plan.
| Back To: Rationale for Lack of Cyber Security Prioritisation | Plan Maintenance | Training and Awareness |
| Advanced Testing and Exercising | Audit | Cyber Security Mindset and Culture |
| Competency-based Course |
Certification Course | ||
Goh, M. H. (2017). A Manager's Guide to Business Continuity Management for Cyber Security Incidents, 2nd Edition. GMH Pte Ltd.
Reference: Chapter 10 Program Management 10.5 Advanced Testing and Exercising
Note: This version was the draft 2nd Edition being updated in 2023. The numeric in the square bracket [X-X] cross-refers to the actual chapter and section in the 1st Edition.